NMAP结果不一致
NMAP结果不一致
提问于 2019-02-24 11:37:27
我在做一个连续运行的NMAP扫描。由于某些原因,结果不一致。有时它检测本地网络的所有连接设备,有时只检测其中的一些设备。
关于我正在扫描的网络的背景:我使用Ubuntu通过将WAN共享到LAN来创建一个专用的本地网络。我的子网是10.42.0.0/24,扫描机是共享网络的机器。
我试过了:
nmap 10.42.0.0/24 -O -T4 -Fnmap 10.42.0.0/24 -T4 -Fnmap 10.42.0.0/24 -Onmap 10.42.0.0/24 -O -Pnnmap 10.42.0.0/24 -O -Pn -e
在所有的测试中我都会遇到这个问题。
示例: S1:
$ sudo nmap 10.42.0.0/24 -O -Pn -e eth0
Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-24 13:17 IST
Nmap scan report for Galaxy-S8 (10.42.0.147)
Host is up (0.0094s latency).
All 1000 scanned ports on Galaxy-S8 (10.42.0.147) are closed
MAC Address: ***** (Samsung Electro-mechanics(thailand))
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 256 IP addresses (1 host up) scanned in 13.80 secondsScan2:
$ sudo nmap 10.42.0.0/24 -O -Pn -e eth0
Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-24 13:28 IST
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
Nmap scan report for NX (10.42.0.26)
Host is up (0.0031s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
902/tcp open iss-realsecure
8082/tcp open blackice-alerts
MAC Address: **** (Intel Corporate)
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.9
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 256 IP addresses (1 host up) scanned in 31.74 secondsscan3:
$ sudo nmap 10.42.0.0/24 -O -Pn -e eth0
Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-24 13:29 IST
Nmap done: 256 IP addresses (0 hosts up) scanned in 15.98 secondsScan4:
$ sudo nmap 10.42.0.0/24 -O -Pn -e eth0
Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-24 13:29 IST
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
Nmap scan report for NX (10.42.0.26)
Host is up (0.015s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
902/tcp open iss-realsecure
8082/tcp open blackice-alerts
MAC Address: **** (Intel Corporate)
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.9
Network Distance: 1 hop
Nmap scan report for Galaxy-S8 (10.42.0.147)
Host is up (0.020s latency).
All 1000 scanned ports on Galaxy-S8 (10.42.0.147) are filtered (828) or closed (172)
MAC Address: **** (Samsung Electro-mechanics(thailand))
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 256 IP addresses (2 hosts up) scanned in 83.02 seconds因此,第一次扫描检测到10.42.0.147,第二次检测到10.42.0.26,第三次没有检测到任何东西,最后一次检测到10.42.0.26和10.42.0.147。
会很感激你的帮助。
回答 1
Security用户
发布于 2019-02-27 13:16:46
我以前在nmap中看到过这种行为,根据我的经验,它与nmap本身没有任何关系,而是与正在被扫描的设备有关。
我认为这里的实际问题是设备的防火墙阻塞了扫描。这可能是因为防火墙上不同的速率、不同的端口和其他自定义选项(您可能甚至不知道是否存在)。一些防火墙迅速打开和关闭端口。我的android手机就像这样在网络上或从网络上弹出。
在尝试其他任何东西之前,您应该检查设备上的防火墙。您还可以使用-Pn扫描更多信息,也可以尝试使用马斯坎查看问题是否仍然存在。
这可能不是一个答案,但至少这是值得注意的。
页面原文内容由Security提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://security.stackexchange.com/questions/204188
复制相关文章
相似问题
腾讯云开发者
