这正在扰乱我。
当超过~160个IP地址被指定时,我始终有一个设备无法响应nmap扫描。 我似乎在150-160个IP地址之间得到了混合的结果,而且总是会有所反应。
该设备是一个惠普打印机应该没有什么大不了的。
意图是一个简单的扫描,看看那个细分市场上还有什么活的。 该脚本将在我们的各种networking上运行,并从该网段的服务器上运行。 我们正在使用fping和arp的组合,现在试图用nmapreplace它。
# ping -c1 10.10.0.155 PING 10.10.0.155 (10.10.0.155) 56(84) bytes of data. 64 bytes from 10.10.0.155: icmp_seq=1 ttl=60 time=6.75 ms --- 10.10.0.155 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 6ms rtt min/avg/max/mdev = 6.755/6.755/6.755/0.000 ms 刚刚扫描设备的示例:
# nmap -R -sn -d 10.10.0.155 --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 1000 min-rate: 0, max-rate: 0 --------------------------------------------- Initiating ARP Ping Scan at 15:35 Scanning 10.10.0.155 [1 port] Packet capture filter (device eth0): arp and arp[18:4] = 0x0050569A and arp[22:2] = 0x002B Completed ARP Ping Scan at 15:35, 0.01s elapsed (1 total hosts) Overall sending rates: 71.98 packets / s, 3023.32 bytes / s. mass_rdns: Using DNS server 10.10.0.10 mass_rdns: Using DNS server 10.10.0.11 Initiating Parallel DNS resolution of 1 host. at 15:35 mass_rdns: 0.00s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1] Completed Parallel DNS resolution of 1 host. at 15:35, 0.00s elapsed DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 2, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0] Nmap scan report for vd05.mydomain.com (10.10.0.155) Host is up, received arp-response (0.0014s latency). MAC Address: 00:10:83:56:E4:94 (Hewlett-packard Company) Final times for host: srtt: 1391 rttvar: 5000 to: 100000 Read from /usr/share/nmap: nmap-mac-prefixes nmap-payloads. Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds
然后运行一个更大的范围我简单地得到一个主机:
# nmap -R -sn -d 10.10.0.0/24 -or- # nmap -R -sn -d 10.10.0.90-254 ... Nmap scan report for vd05.mydomain.com (10.10.0.155) [host down, received no-response] ...
感觉这可能是更多的超时问题,但nmap默认看起来他们是绰绰有余?
有什么build议么?