2005年11月25日星期五

nmap 学校内部的一台主机的结果

今天我的防火墙记录了一次被校内的一台主机snmp。
我就尝试着去nmap一下那台主机,结果发现改主机的80端口是打开的。结果如下:
$ nmap 202.119.*.*

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-25 12:45 CST
Interesting ports on *.*.edu.cn (202.119.*.*):
(The 1657 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
53/tcp closed domain
67/tcp closed dhcpserver
68/tcp closed dhcpclient
80/tcp open http

Nmap finished: 1 IP address (1 host up) scanned in 57.608 seconds

但是我从浏览器中链接主机发现默认主页并不存在。
ping改主机,显然ping已经被屏蔽了。

然后我就用下面的命令来侦测改机器的操作系统:
$ sudo nmap -O 202.119.*.*
Password:
Host *.*.edu.cn (202.119.*.*) appears to be up ... good.
Interesting ports on *.*.edu.cn (202.119.*.*):
(The 1657 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
20/tcp closed ftp-data
21/tcp closed ftp
53/tcp closed domain
67/tcp closed dhcpserver
68/tcp closed dhcpclient
80/tcp open http
Device type: general purpose
Running: Microsoft Windows NT/2K/XP
OS details: Microsoft Windows 2000 SP4 or Windows XP SP1
TCP Sequence Prediction: Class=random positive increments
Difficulty=12354 (Worthy challenge)
IPID Sequence Generation: Incremental

Nmap finished: 1 IP address (1 host up) scanned in 38.188 seconds
Raw packets sent: 23 (1108B) | Rcvd: 21 (1074B)

(为了保护该主机的安全,我隐去了IP的后两位和host)
哈哈,原来是一台Windows NT的机器啊。
危险啊。以后得注意啦。
希望我的测试可以引起改主机的注意。看看,nmap得出的结论是Worthy challenge哦 :)

完了,我在nmap时没有用代理,希望学校不要发现 :P
~~~~~~~~
不过谁叫他snmp我的机器呢!呵呵。(我的技术太差,不懂黑客技术啊:) )

没有评论:

发表评论