如何在扫描服务器端口时隐藏我正在运行的 Linux 版本?
当我从外部 nmap'ed (nmap -A -T4 192.168.40.12) 服务器的 ip 时,结果如下:
Starting Nmap 4.62 ( http://nmap.org ) at 2009-11-07 11:27 IRST
LUA INTERPRETER in nse_init.cc:763: /usr/share/nmap/scripts/robots.nse:4: module 'http' not found:
no field package.preload['http']
no file '/usr/share/nmap/nselib/http.lua'
no file './http.lua'
no file '/usr/local/share/lua/5.1/http.lua'
no file '/usr/local/share/lua/5.1/http/init.lua'
no file '/usr/local/lib/lua/5.1/http.lua'
no file '/usr/local/lib/lua/5.1/http/init.lua'
no file '/usr/lib/nmap/nselib-bin/http.so'
no file './http.so'
no file '/usr/local/lib/lua/5.1/http.so'
no file '/usr/local/lib/lua/5.1/loadall.so'
SCRIPT ENGINE: Aborting script scan.
Interesting ports on 192.168.40.12:
Not shown: 1710 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 3.9p1 (protocol 1.99)
53/tcp open domain dnsmasq 2.47
80/tcp open http Apache httpd
222/tcp open ssh OpenSSH 3.9p1 (protocol 1.99)
8081/tcp open http CherryPy httpd 2.3.0
MAC Address: 00:10:F3:0F:59:B7 (Nexcom International Co.)
Device type: firewall
Running: IPCop Linux 2.4.X
OS details: IPCop firewall 1.4.10 - 1.4.15 (Linux 2.4.31 - 2.4.34)
Network Distance: 1 hop
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 8.180 seconds
我不希望显示操作系统详细信息。我正在使用 IPCop 防火墙。
谢谢。
nmap 通过使用(除其他外)TCP/IP 堆栈的特性来猜测目标主机上运行的操作系统。您无法阻止这种情况,除非您更改 Linux 的 TCP/IP 堆栈的工作方式。
nmap 的操作系统检测的详细信息:
此外,被动操作系统指纹识别工具 (p0f)的README 文件也可以为您提供有关其工作原理的线索。
| 归档时间: |
|
| 查看次数: |
9567 次 |
| 最近记录: |