当我根据Centos 5部署指南执行“nmap -sT -O localhost”时,我得到:
Not shown: 1677 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 8080/tcp open http-proxy 这是有道理的。 但是当我从另一台机器执行“sudo nmap -sT -O -Pn my.ip.address”时,我得到:
Not shown: 917 filtered ports PORT STATE SERVICE 7/tcp open echo 21/tcp open ftp 22/tcp open ssh 70/tcp open gopher 83/tcp open mit-ml-dev 139/tcp closed netbios-ssn 306/tcp open unknown 366/tcp open odmr 445/tcp closed microsoft-ds 465/tcp open smtps 513/tcp open login 541/tcp open uucp-rlogin 554/tcp open rtsp 700/tcp open epp 705/tcp open agentx 901/tcp open samba-swat 992/tcp open telnets 1002/tcp open windows-icfw 1010/tcp open surf 1027/tcp open IIS 1059/tcp open nimreg 1094/tcp open rootd 1108/tcp open ratio-adp 1113/tcp open ltp-deepspace 1151/tcp open unizensus 1152/tcp open winpoplanmess 1443/tcp open ies-lm 1455/tcp open esl-lm 1494/tcp open citrix-ica 1717/tcp open fj-hdnet 1783/tcp open unknown 2323/tcp open 3d-nfsd 2394/tcp open ms-olap2 2492/tcp open groove 2557/tcp open nicetec-mgmt 2604/tcp open ospfd 2701/tcp open sms-rcinfo 3128/tcp open squid-http 3260/tcp open iscsi 3283/tcp open netassistant 3390/tcp open dsc 3766/tcp open unknown 3998/tcp open dnx 4002/tcp open mlchat-proxy 5050/tcp open mmcc 5120/tcp open unknown 5190/tcp open aol 5550/tcp open sdadmind 5631/tcp open pcanywheredata 5815/tcp open unknown 5822/tcp open unknown 5922/tcp open unknown 6692/tcp open unknown 6901/tcp open jetstream 7019/tcp open unknown 7070/tcp open realserver 7435/tcp open unknown 7938/tcp open lgtomapper 8002/tcp open teradataordbms 8010/tcp open xmpp 8085/tcp open unknown 8194/tcp open sophos 8254/tcp open unknown 8300/tcp open tmi 9002/tcp open dynamid 9594/tcp open msgsys 9929/tcp open nping-echo 10025/tcp open unknown 10243/tcp open unknown 10626/tcp open unknown 10778/tcp open unknown 12174/tcp open unknown 16012/tcp open unknown 18101/tcp open unknown 20000/tcp open dnp 20005/tcp open btx 24800/tcp open unknown 32768/tcp open filenet-tms 32777/tcp open sometimes-rpc17 32783/tcp open unknown 50001/tcp open unknown 50500/tcp open unknown 54328/tcp open unknown
咦!? 最奇怪的是一些不允许通过防火墙的端口是closures的(比如netbios-ssn),而其他端口是开放的(ftp)。 事实上,我的机器上甚至没有安装ftp服务。
我的iptable看起来像这样:
Chain INPUT (policy DROP 531K packets, 178M bytes) pkts bytes target prot opt in out source destination 6907 339K ACCEPT all -- lo any anywhere anywhere 115K 27M ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh 42398 45M ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 164K packets, 30M bytes) pkts bytes target prot opt in out source destination
更新:我真正的问题是 – 我可以假设,因为本地nmap只显示三个服务侦听,我不必担心所有远程nmap返回的额外条目? IOW,是否还有其他进程正在监听,而不是由本地nmap报告?
程序可以绑定到本地主机而不是外部接口,或者相反。 外部的观点是更准确的(假设中间没有什么聪明的做法)。
你可以从其他机器连接到其他任何端口吗?
你也可以使用lsof -i -n -P | grep LIST lsof -i -n -P | grep LIST来查看哪些进程正在您的机器上的端口上进行侦听。 看看这个结果是否与nmap输出更好地相关。