Windows Server 2008 Standard,防火墙被组策略禁用,但端口仍然被过滤

tag-icon tag-icon windows-server-2008 centos ping snmp nmap
Windows Server 2008 Standard,防火墙被组策略禁用,但端口仍然被过滤

嘻嘻,

因此,安装 WS2008R2S 的 vanilla 版本,使用 GP 禁用 FW,并尝试使用同一子网上的另一台主机获取 SNMP。下面是 if/ipconfig 和 nmap -p 161 的输出。两台机器都在 VirtualBox 中运行,连接桥接到无线适配器,这是主机上唯一的活动连接。

[root@localhost ~]# ping 192.168.11.122
PING 192.168.11.122 (192.168.11.122) 56(84) bytes of data.
64 bytes from 192.168.11.122: icmp_seq=1 ttl=128 time=5.50 ms
^C
--- 192.168.11.122 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 455ms
rtt min/avg/max/mdev = 5.508/5.508/5.508/0.000 ms
[root@localhost ~]# nmap -p 161 192.168.11.122

Starting Nmap 5.21 ( http://nmap.org ) at 2012-02-09 13:53 GMT
Nmap scan report for WIN-ERO1FIMO8N5.xxxxxxxx.com (192.168.11.122)
Host is up (0.00041s latency).
PORT    STATE    SERVICE
161/tcp filtered snmp
MAC Address: 08:00:27:E7:AA:E0 (Cadmus Computer Systems)

Nmap done: 1 IP address (1 host up) scanned in 0.30 seconds
[root@localhost ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 08:00:27:E5:CD:BD
          inet addr:192.168.11.101  Bcast:192.168.11.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fee5:cdbd/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9396 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4493 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3784239 (3.6 MiB)  TX bytes:2109091 (2.0 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1301 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1301 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:142214 (138.8 KiB)  TX bytes:142214 (138.8 KiB)

[root@localhost ~]#





Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : xxxxxxx.com
   Link-local IPv6 Address . . . . . : fe80::c82a:4a79:50bb:1832%11
   IPv4 Address. . . . . . . . . . . : 192.168.11.122
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.11.200

有任何想法吗? :(

编辑

部分 netstat 输出...

TCP    [::]:49155             [::]:0                 LISTENING
TCP    [::]:49156             [::]:0                 LISTENING
TCP    [::]:49157             [::]:0                 LISTENING
UDP    0.0.0.0:161            *:*
UDP    0.0.0.0:500            *:*
UDP    0.0.0.0:4500           *:*
UDP    0.0.0.0:5355           *:*
UDP    192.168.11.122:137     *:*
UDP    192.168.11.122:138     *:*
UDP    [::]:161               *:*
UDP    [::]:500               *:*
UDP    [::]:4500              *:*
UDP    [::]:5355              *:*

答案1

您是否明确允许 SNMP 服务允许来自远程主机 IP 地址的数据包(服务、SNMP、属性、安全)。默认情况下,它仅允许本地主机。

答案2

这篇文章将引导您按照您的喜好配置 SNMP 服务。

http://aaronwalrath.wordpress.com/2010/06/02/monitoring-windows-server-2008-r2-with-snmp-and-cacti/

答案3

VirtualBox 实例出现了一些非常奇怪的问题。没关系,无论如何还是要谢谢你!

相关内容