奇怪的 NMAP 输出

tag-icon tag-icon networking linux-networking port nmap
奇怪的 NMAP 输出

我正在尝试使用 扫描主机的 TCP 端口 8092。nmap 7.60当我以非 root 权限执行 nmap 时,它说端口已被过滤,但如果我尝试使用 扫描它,sudo它会告诉我端口实际上是开放的。同样,没有 root 权限nmap告诉我主机已关闭,但它实际上正在回复 ICMP 请求。

主机已关闭:

$ nmap -vv -n -p 8092 10.88.153.90

Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-06 11:59 CET
Initiating Ping Scan at 11:59
Scanning 10.88.153.90 [2 ports]
Completed Ping Scan at 11:59, 3.00s elapsed (1 total hosts)
Nmap scan report for 10.88.153.90 [host down, received no-response]
Read data files from: /usr/bin/../share/nmap
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.04 seconds

主机已启动,但 TCP 端口 8092 被阻止:

$ nmap -vv -n -p 8092 10.88.153.90 -Pn

Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-06 12:00 CET
Initiating Connect Scan at 12:00
Scanning 10.88.153.90 [1 port]
Completed Connect Scan at 12:00, 2.00s elapsed (1 total ports)
Nmap scan report for 10.88.153.90
Host is up, received user-set.
Scanned at 2019-03-06 12:00:04 CET for 2s

PORT     STATE    SERVICE REASON
8092/tcp filtered unknown no-response

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 2.04 seconds

使用 sudo:主机已启动并且端口 8092 已打开:

(这并不完全正确,因为我无法通过该端口检索任何文件。)

$ sudo nmap -vv -n -p 8092 10.88.153.90

Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-06 12:00 CET
Initiating Ping Scan at 12:00
Scanning 10.88.153.90 [4 ports]
Completed Ping Scan at 12:00, 0.22s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 12:00
Scanning 10.88.153.90 [1 port]
Discovered open port 8092/tcp on 10.88.153.90
Completed SYN Stealth Scan at 12:00, 0.23s elapsed (1 total ports)
Nmap scan report for 10.88.153.90
Host is up, received echo-reply ttl 64 (0.00025s latency).
Scanned at 2019-03-06 12:00:13 CET for 1s

PORT     STATE SERVICE REASON
8092/tcp open  unknown syn-ack ttl 64

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.62 seconds
           Raw packets sent: 6 (240B) | Rcvd: 13 (516B)

同时,我对该主机进行了稳定的 ping 操作:

$ ping 10.88.153.90 -c 4
PING 10.88.153.90 (10.88.153.90) 56(84) bytes of data.
64 bytes from 10.88.153.90: icmp_seq=1 ttl=64 time=0.242 ms
64 bytes from 10.88.153.90: icmp_seq=2 ttl=64 time=0.162 ms
64 bytes from 10.88.153.90: icmp_seq=3 ttl=64 time=0.169 ms
64 bytes from 10.88.153.90: icmp_seq=4 ttl=64 time=0.152 ms

--- 10.88.153.90 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 77ms
rtt min/avg/max/mdev = 0.152/0.181/0.242/0.036 ms

我执行这些命令的服务器和都10.88.153.90在防火墙后面,但它们应该能够看到彼此以及所有暴露的端口,但显然事实并非如此。这是来自 10.88.153.90 内部的:

$ netstat -tulnp | grep 8092
tcp        0      0 0.0.0.0:8092            0.0.0.0:*               LISTEN      194735/nginx: maste

我的端口 22 也遇到了同样的情况,我可以使用配置为设备另一个端口的不同网络的另一个私有 IP 连接到 10.88.153.90,但是当我尝试连接到 10.88.153.90 时出现连接超时:

$ ssh -vvv [email protected]
OpenSSH_7.7p1 Ubuntu-4ubuntu0.2, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /home/ubuntu/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolve_canonicalize: hostname 10.88.153.90 is address
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 10.88.153.90 [10.88.153.90] port 22.
debug1: connect to address 10.88.153.90 port 22: Connection timed out
ssh: connect to host 10.88.153.90 port 22: Connection timed out

我的问题是:为什么主机/端口似乎已启动/打开,但我仍然无法连接到它?

答案1

最后,看来我在这个设备上配置了两个默认网关,我需要删除第二个网关并将路由添加到我的请求来源的特定网络。

相关内容