我正在尝试使用它nmap来检查在给定网络上正在运行哪些服务,但它无法启动,因为nmapIPv4 网络上的 ARP Ping 扫描问题,而在 Infiniband 网络上,据我所知,没有 ARP,因为不支持广播,但如果您使用 IPoIB(Infiniband 上的 IP),则您有 IP 寻址。
我可以确认 IP 网络正在运行,因为我可以执行正常操作ping以及ssh其他所有操作,但却nmap失败了。
输出如下:
# nmap 172.27.0.1-21 -v
Starting Nmap 6.40 ( http://nmap.org ) at 2023-02-04 13:32 -03
Initiating ARP Ping Scan at 13:32
Scanning 21 hosts [1 port/host]
Completed ARP Ping Scan at 13:32, 1.23s elapsed (21 total hosts)
Nmap scan report for 172.27.0.1 [host down]
Nmap scan report for 172.27.0.2 [host down]
Nmap scan report for 172.27.0.3 [host down]
Nmap scan report for 172.27.0.4 [host down]
Nmap scan report for 172.27.0.5 [host down]
Nmap scan report for 172.27.0.6 [host down]
Nmap scan report for 172.27.0.7 [host down]
Nmap scan report for 172.27.0.8 [host down]
Nmap scan report for 172.27.0.9 [host down]
Nmap scan report for 172.27.0.10 [host down]
Nmap scan report for 172.27.0.11 [host down]
Nmap scan report for 172.27.0.12 [host down]
Nmap scan report for 172.27.0.13 [host down]
Nmap scan report for 172.27.0.14 [host down]
Nmap scan report for 172.27.0.15 [host down]
Nmap scan report for 172.27.0.16 [host down]
Nmap scan report for 172.27.0.17 [host down]
Nmap scan report for 172.27.0.18 [host down]
Nmap scan report for 172.27.0.19 [host down]
Nmap scan report for 172.27.0.20 [host down]
Nmap scan report for 172.27.0.21 [host down]
Read data files from: /usr/bin/../share/nmap
Nmap done: 21 IP addresses (0 hosts up) scanned in 1.30 seconds
Raw packets sent: 42 (1.176KB) | Rcvd: 0 (0B)
确认网络正常运行:
ping 172.27.0.10
PING 172.27.0.10 (172.27.0.10) 56(84) bytes of data.
64 bytes from 172.27.0.10: icmp_seq=1 ttl=64 time=0.101 ms
64 bytes from 172.27.0.10: icmp_seq=2 ttl=64 time=0.067 ms
64 bytes from 172.27.0.10: icmp_seq=3 ttl=64 time=0.061 ms
64 bytes from 172.27.0.10: icmp_seq=4 ttl=64 time=0.105 ms
^C
--- 172.27.0.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.061/0.083/0.105/0.021 ms
还有TCP:
# ssh 172.27.0.10
Last login: Sat Feb 4 12:28:26 2023 from xxxxxxx
[root@n10 ~]# hostname
n10
如何nmap在 IPoIB 网络上使用?
答案1
我已经明白了。-sTflag 起了作用,但是由于我仍然不明白的原因,它只适用于-P0或-Pn。
由于我只关心 TCP 服务,所以在这种情况下-sT就足够了。
另外,观察是否-P0或-Pn单独表示主机已关闭也很重要。
所以最终的命令是这样的:
nmap -e ib0 <IP_ADDRESS> -v -sT -P0。