When I launch an -sA scan against an IP address, it shows port "80" as "unfiltered". The code is below.
sudo nmap -sA -vv -p 80 192.168.0.30 -Pn
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times may be slower.
Starting Nmap 7.92 ( https://nmap.org ) at 2022-03-24 01:09 EDT
Initiating ARP Ping Scan at 01:09
Scanning 192.168.0.30 [1 port]
Completed ARP Ping Scan at 01:09, 1.34s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 01:09
Completed Parallel DNS resolution of 1 host. at 01:09, 0.37s elapsed
Initiating ACK Scan at 01:09
Scanning 192.168.0.30 [1 port]
Completed ACK Scan at 01:09, 0.73s elapsed (1 total ports)
Nmap scan report for 192.168.0.30
Host is up, received arp-response (1.1s latency).
Scanned at 2022-03-24 01:09:50 EDT for 0s
PORT STATE SERVICE REASON
80/tcp unfiltered http reset ttl 64
However, when I launch a scan type such as -sT, it shows port "80" as "closed". The code is below.
sudo nmap -sT -vv -p 80 192.168.0.30 -Pn
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times may be slower.
Starting Nmap 7.92 ( https://nmap.org ) at 2022-03-24 01:15 EDT
Initiating Parallel DNS resolution of 1 host. at 01:15
Completed Parallel DNS resolution of 1 host. at 01:15, 0.24s elapsed
Initiating Connect Scan at 01:15
Scanning 192.168.0.30 [1 port]
Completed Connect Scan at 01:15, 0.25s elapsed (1 total ports)
Nmap scan report for 192.168.0.30
Host is up, received user-set (0.25s latency).
Scanned at 2022-03-24 01:15:03 EDT for 0s
PORT STATE SERVICE REASON
80/tcp closed http conn-refused
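I would like to know why this happens and whether it is normal. Also, can a port be both closed and unfiltered, as in this example?
Answer 1
The answer to this question is in the documentation:
-sA (TCP ACK scan)
This scan is different from the others discussed so far in that it never determines open (or even open|filtered) ports. It is used to map out firewall rulesets, determining whether they are stateful or not and which ports are filtered.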
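The following is an added example, not part of the original answer or of Nmap's code: a simplified model of how a standard TCP stack and an optional firewall respond to the probes sent by -sA and -sT, and how each scan labels the port. The `Firewall` policies and all function names are assumptions made for illustration.

```python
# Simplified model (added example): how a target and an optional firewall
# answer Nmap's -sA and -sT probes, and how each scan labels the port.
from enum import Enum

class Firewall(Enum):
    NONE = "none"          # nothing between scanner and target
    DROP_ALL = "drop_all"  # stateless rule dropping everything to the port
    STATEFUL = "stateful"  # lets new connections (SYN) in, drops unsolicited ACK

def target_reply(flag, port_open):
    """Reply of a standard TCP stack to a single probe segment."""
    if flag == "SYN":
        return "SYN/ACK" if port_open else "RST"
    if flag == "ACK":
        # An ACK that belongs to no connection is answered with RST
        # whether or not something is listening on the port.
        return "RST"
    raise ValueError(flag)

def probe(flag, port_open, firewall):
    """What the scanner sees: a reply, or None if the probe was dropped."""
    if firewall is Firewall.DROP_ALL:
        return None
    if firewall is Firewall.STATEFUL and flag == "ACK":
        return None
    return target_reply(flag, port_open)

def ack_scan(port_open, firewall):
    """-sA: a RST only proves that the probe reached the host."""
    return "unfiltered" if probe("ACK", port_open, firewall) == "RST" else "filtered"

def connect_scan(port_open, firewall):
    """-sT: the reply to the SYN distinguishes open from closed."""
    reply = probe("SYN", port_open, firewall)
    return {"SYN/ACK": "open", "RST": "closed", None: "filtered"}[reply]

def compare(port_open, firewall):
    """Return the (-sA state, -sT state) pair for one port."""
    return ack_scan(port_open, firewall), connect_scan(port_open, firewall)

if __name__ == "__main__":
    for fw in Firewall:
        for is_open in (False, True):
            print(f"{fw.value:9} open={is_open!s:5} -> -sA/-sT = {compare(is_open, fw)}")
```

The closed port with no firewall reproduces the pair from the question: "unfiltered" under -sA and "closed" under -sT, which are two answers to two different questions about the same port.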