web-dev-qa-db-ja.com

ファイアウォールを回避した後のnmapの結果

F5ファイアウォールで保護されたサーバーでnmapスキャンを実行しました。

Nmapコマンドを使用しましたnmap -vvv -f -Pn -mtu 8 -sN -oN nmap-results.txt 192.168.22.102

この結果はありましたが、疑わしいようです。この結果は本当ですか、どのように確認できますか?

PORT      STATE         SERVICE              REASON
1/tcp     open|filtered tcpmux               no-response
3/tcp     open|filtered compressnet          no-response
4/tcp     open|filtered unknown              no-response
6/tcp     open|filtered unknown              no-response
7/tcp     open|filtered echo                 no-response
9/tcp     open|filtered discard              no-response
13/tcp    open|filtered daytime              no-response
17/tcp    open|filtered qotd                 no-response
19/tcp    open|filtered chargen              no-response
20/tcp    open|filtered ftp-data             no-response
21/tcp    open|filtered ftp                  no-response
22/tcp    open|filtered ssh                  no-response
23/tcp    open|filtered telnet               no-response
24/tcp    open|filtered priv-mail            no-response
25/tcp    open|filtered smtp                 no-response
26/tcp    open|filtered rsftp                no-response
30/tcp    open|filtered unknown              no-response
32/tcp    open|filtered unknown              no-response
33/tcp    open|filtered dsp                  no-response
37/tcp    open|filtered time                 no-response
42/tcp    open|filtered nameserver           no-response
43/tcp    open|filtered whois                no-response
49/tcp    open|filtered tacacs               no-response
53/tcp    open|filtered domain               no-response
70/tcp    open|filtered Gopher               no-response
79/tcp    open|filtered finger               no-response
80/tcp    open|filtered http                 no-response
81/tcp    open|filtered hosts2-ns            no-response
82/tcp    open|filtered xfer                 no-response
83/tcp    open|filtered mit-ml-dev           no-response
84/tcp    open|filtered ctf                  no-response
85/tcp    open|filtered mit-ml-dev           no-response
88/tcp    open|filtered kerberos-sec         no-response
89/tcp    open|filtered su-mit-tg            no-response
90/tcp    open|filtered dnsix                no-response
99/tcp    open|filtered metagram             no-response
100/tcp   open|filtered newacct              no-response
106/tcp   open|filtered pop3pw               no-response
109/tcp   open|filtered pop2                 no-response
110/tcp   open|filtered pop3                 no-response
111/tcp   open|filtered rpcbind              no-response
113/tcp   open|filtered ident                no-response
119/tcp   open|filtered nntp                 no-response
125/tcp   open|filtered locus-map            no-response
135/tcp   open|filtered msrpc                no-response
139/tcp   open|filtered netbios-ssn          no-response
143/tcp   open|filtered imap                 no-response
144/tcp   open|filtered news                 no-response
146/tcp   open|filtered iso-tp0              no-response
161/tcp   open|filtered snmp                 no-response
163/tcp   open|filtered cmip-man             no-response
179/tcp   open|filtered bgp                  no-response
199/tcp   open|filtered smux                 no-response
211/tcp   open|filtered 914c-g               no-response
212/tcp   open|filtered anet                 no-response
222/tcp   open|filtered rsh-spx              no-response
254/tcp   open|filtered unknown              no-response
255/tcp   open|filtered unknown              no-response
256/tcp   open|filtered fw1-secureremote     no-response
259/tcp   open|filtered esro-gen             no-response
264/tcp   open|filtered bgmp                 no-response
280/tcp   open|filtered http-mgmt            no-response
301/tcp   open|filtered unknown              no-response
306/tcp   open|filtered unknown              no-response
311/tcp   open|filtered asip-webadmin        no-response
340/tcp   open|filtered unknown              no-response
366/tcp   open|filtered odmr                 no-response
389/tcp   open|filtered ldap                 no-response
406/tcp   open|filtered imsp                 no-response
407/tcp   open|filtered timbuktu             no-response
416/tcp   open|filtered silverplatter        no-response
417/tcp   open|filtered onmux                no-response
425/tcp   open|filtered icad-el              no-response
427/tcp   open|filtered svrloc               no-response
443/tcp   open|filtered https                no-response
444/tcp   open|filtered snpp                 no-response
445/tcp   open|filtered Microsoft-ds         no-response
458/tcp   open|filtered appleqtc             no-response
464/tcp   open|filtered kpasswd5             no-response
465/tcp   open|filtered smtps                no-response
481/tcp   open|filtered dvs                  no-response
497/tcp   open|filtered retrospect           no-response
500/tcp   open|filtered isakmp               no-response
512/tcp   open|filtered exec                 no-response
513/tcp   open|filtered login                no-response
514/tcp   open|filtered Shell                no-response
515/tcp   open|filtered printer              no-response
524/tcp   open|filtered ncp                  no-response
541/tcp   open|filtered uucp-rlogin          no-response
543/tcp   open|filtered klogin               no-response
544/tcp   open|filtered kshell               no-response
545/tcp   open|filtered ekshell              no-response
548/tcp   open|filtered afp                  no-response
554/tcp   open|filtered rtsp                 no-response
555/tcp   open|filtered dsf                  no-response
563/tcp   open|filtered snews                no-response
587/tcp   open|filtered submission           no-response
593/tcp   open|filtered http-rpc-epmap       no-response
616/tcp   open|filtered sco-sysmgr           no-response
617/tcp   open|filtered sco-dtmgr            no-response
625/tcp   open|filtered Apple-xsrvr-admin    no-response
631/tcp   open|filtered ipp                  no-response
636/tcp   open|filtered ldapssl              no-response
646/tcp   open|filtered ldp                  no-response
648/tcp   open|filtered rrp                  no-response
666/tcp   open|filtered Doom                 no-response
667/tcp   open|filtered disclose             no-response
668/tcp   open|filtered mecomm               no-response
683/tcp   open|filtered corba-iiop           no-response
687/tcp   open|filtered asipregistry         no-response
691/tcp   open|filtered resvc                no-response
700/tcp   open|filtered epp                  no-response
705/tcp   open|filtered agentx               no-response
711/tcp   open|filtered Cisco-tdp            no-response
714/tcp   open|filtered iris-xpcs            no-response
720/tcp   open|filtered unknown              no-response
722/tcp   open|filtered unknown              no-response
726/tcp   open|filtered unknown              no-response
749/tcp   open|filtered kerberos-adm         no-response
765/tcp   open|filtered webster              no-response
777/tcp   open|filtered multiling-http       no-response
783/tcp   open|filtered spamassassin         no-response
787/tcp   open|filtered qsc                  no-response
800/tcp   open|filtered mdbs_daemon          no-response
801/tcp   open|filtered device               no-response
808/tcp   open|filtered ccproxy-http         no-response
843/tcp   open|filtered unknown              no-response
873/tcp   open|filtered rsync                no-response
880/tcp   open|filtered unknown              no-response
888/tcp   open|filtered accessbuilder        no-response
898/tcp   open|filtered Sun-manageconsole    no-response
900/tcp   open|filtered omginitialrefs       no-response
901/tcp   open|filtered samba-swat           no-response
902/tcp   open|filtered iss-realsecure       no-response
903/tcp   open|filtered iss-console-mgr      no-response
911/tcp   open|filtered xact-backup          no-response
912/tcp   open|filtered apex-mesh            no-response
981/tcp   open|filtered unknown              no-response
987/tcp   open|filtered unknown              no-response
990/tcp   open|filtered ftps                 no-response
992/tcp   open|filtered telnets              no-response
993/tcp   open|filtered imaps                no-response
995/tcp   open|filtered pop3s                no-response
999/tcp   open|filtered garcon               no-response
1000/tcp  open|filtered cadlock              no-response
1001/tcp  open|filtered webpush              no-response
1002/tcp  open|filtered windows-icfw         no-response
1007/tcp  open|filtered unknown              no-response
1009/tcp  open|filtered unknown              no-response
1010/tcp  open|filtered surf                 no-response
1011/tcp  open|filtered unknown              no-response
1021/tcp  open|filtered exp1                 no-response
1022/tcp  open|filtered exp2                 no-response
1023/tcp  open|filtered netvenuechat         no-response
1024/tcp  open|filtered kdm                  no-response
1025/tcp  open|filtered NFS-or-IIS           no-response
1026/tcp  open|filtered LSA-or-nterm         no-response
1027/tcp  open|filtered IIS                  no-response
1028/tcp  open|filtered unknown              no-response
1029/tcp  open|filtered ms-lsa               no-response
1030/tcp  open|filtered iad1                 no-response
1031/tcp  open|filtered iad2                 no-response
1032/tcp  open|filtered iad3                 no-response
1033/tcp  open|filtered netinfo              no-response
1034/tcp  open|filtered zincite-a            no-response
1035/tcp  open|filtered multidropper         no-response
1036/tcp  open|filtered nsstp                no-response
1037/tcp  open|filtered ams                  no-response
1038/tcp  open|filtered mtqp                 no-response
1039/tcp  open|filtered sbl                  no-response
1040/tcp  open|filtered netsaint             no-response
1041/tcp  open|filtered danf-ak2             no-response
1042/tcp  open|filtered afrog                no-response
1043/tcp  open|filtered boinc                no-response
1044/tcp  open|filtered dcutility            no-response
1045/tcp  open|filtered fpitp                no-response
1046/tcp  open|filtered wfremotertm          no-response
1047/tcp  open|filtered neod1                no-response
1048/tcp  open|filtered neod2                no-response
1049/tcp  open|filtered td-postman           no-response
1050/tcp  open|filtered Java-or-OTGfileshare no-response
1051/tcp  open|filtered optima-vnet          no-response
1052/tcp  open|filtered ddt                  no-response
1053/tcp  open|filtered remote-as            no-response
1054/tcp  open|filtered brvread              no-response
1055/tcp  open|filtered ansyslmd             no-response
1056/tcp  open|filtered vfo                  no-response
1057/tcp  open|filtered startron             no-response
1058/tcp  open|filtered nim                  no-response
1059/tcp  open|filtered nimreg               no-response
1060/tcp  open|filtered polestar             no-response
1061/tcp  open|filtered kiosk                no-response
1062/tcp  open|filtered veracity             no-response
1063/tcp  open|filtered kyoceranetdev        no-response
1064/tcp  open|filtered jstel                no-response
1065/tcp  open|filtered syscomlan            no-response
1066/tcp  open|filtered fpo-fns              no-response
1067/tcp  open|filtered instl_boots          no-response
1068/tcp  open|filtered instl_bootc          no-response
1069/tcp  open|filtered cognex-insight       no-response
1070/tcp  open|filtered gmrupdateserv        no-response
1071/tcp  open|filtered bsquare-voip         no-response
1072/tcp  open|filtered cardax               no-response
1073/tcp  open|filtered bridgecontrol        no-response
1074/tcp  open|filtered warmspotMgmt         no-response
1075/tcp  open|filtered rdrmshc              no-response
1076/tcp  open|filtered sns_credit           no-response
1077/tcp  open|filtered imgames              no-response
1078/tcp  open|filtered avocent-proxy        no-response
1079/tcp  open|filtered asprovatalk          no-response
1080/tcp  open|filtered socks                no-response
1081/tcp  open|filtered pvuniwien            no-response
1082/tcp  open|filtered amt-esd-prot         no-response
1083/tcp  open|filtered ansoft-lm-1          no-response
1084/tcp  open|filtered ansoft-lm-2          no-response
1085/tcp  open|filtered webobjects           no-response
1086/tcp  open|filtered cplscrambler-lg      no-response
1087/tcp  open|filtered cplscrambler-in      no-response
1088/tcp  open|filtered cplscrambler-al      no-response
1089/tcp  open|filtered ff-annunc            no-response
1090/tcp  open|filtered ff-fms               no-response
1091/tcp  open|filtered ff-sm                no-response
1092/tcp  open|filtered obrpd                no-response
1093/tcp  open|filtered proofd               no-response
1094/tcp  open|filtered rootd                no-response
1095/tcp  open|filtered nicelink             no-response
1096/tcp  open|filtered cnrprotocol          no-response
1097/tcp  open|filtered sunclustermgr        no-response
1098/tcp  open|filtered rmiactivation        no-response
1099/tcp  open|filtered rmiregistry          no-response
1100/tcp  open|filtered mctp                 no-response
1102/tcp  open|filtered adobeserver-1        no-response
1104/tcp  open|filtered xrl                  no-response
1105/tcp  open|filtered ftranhc              no-response
1106/tcp  open|filtered isoipsigport-1       no-response
1107/tcp  open|filtered isoipsigport-2       no-response
1108/tcp  open|filtered ratio-adp            no-response
1110/tcp  open|filtered nfsd-status          no-response
1111/tcp  open|filtered lmsocialserver       no-response
1112/tcp  open|filtered msql                 no-response
1113/tcp  open|filtered ltp-deepspace        no-response
1114/tcp  open|filtered mini-sql             no-response
1117/tcp  open|filtered ardus-mtrns          no-response
1119/tcp  open|filtered bnetgame             no-response
1121/tcp  open|filtered rmpp                 no-response
1122/tcp  open|filtered availant-mgr         no-response
1123/tcp  open|filtered murray               no-response
1124/tcp  open|filtered hpvmmcontrol         no-response
1126/tcp  open|filtered hpvmmdata            no-response
1130/tcp  open|filtered casp                 no-response
1131/tcp  open|filtered caspssl              no-response
1132/tcp  open|filtered kvm-via-ip           no-response
1137/tcp  open|filtered trim                 no-response
1138/tcp  open|filtered encrypted_admin      no-response
1141/tcp  open|filtered mxomss               no-response
1145/tcp  open|filtered x9-icue              no-response
1147/tcp  open|filtered capioverlan          no-response
1148/tcp  open|filtered elfiq-repl           no-response
1149/tcp  open|filtered bvtsonar             no-response
1151/tcp  open|filtered unizensus            no-response
1152/tcp  open|filtered winpoplanmess        no-response
1154/tcp  open|filtered resacommunity        no-response
1163/tcp  open|filtered sddp                 no-response
1164/tcp  open|filtered qsm-proxy            no-response
1165/tcp  open|filtered qsm-gui              no-response
1166/tcp  open|filtered qsm-remote           no-response
1169/tcp  open|filtered tripwire             no-response
1174/tcp  open|filtered fnet-remote-ui       no-response
1175/tcp  open|filtered dossier              no-response
1183/tcp  open|filtered llsurfup-http        no-response
1185/tcp  open|filtered catchpole            no-response
1186/tcp  open|filtered mysql-cluster        no-response
1187/tcp  open|filtered alias                no-response
1192/tcp  open|filtered caids-sensor         no-response
1198/tcp  open|filtered cajo-discovery       no-response
1199/tcp  open|filtered dmidi                no-response
1201/tcp  open|filtered nucleus-sand         no-response
1213/tcp  open|filtered mpc-lifenet          no-response
1216/tcp  open|filtered etebac5              no-response
1217/tcp  open|filtered hpss-ndapi           no-response
1218/tcp  open|filtered aeroflight-ads       no-response
1233/tcp  open|filtered univ-appserver       no-response
1234/tcp  open|filtered hotline              no-response
1236/tcp  open|filtered bvcontrol            no-response
1244/tcp  open|filtered isbconference1       no-response
1247/tcp  open|filtered visionpyramid        no-response
1248/tcp  open|filtered hermes               no-response
1259/tcp  open|filtered opennl-voice         no-response
1271/tcp  open|filtered excw                 no-response
1272/tcp  open|filtered cspmlockmgr          no-response
1277/tcp  open|filtered miva-mqs             no-response
1287/tcp  open|filtered routematch           no-response
1296/tcp  open|filtered dproxy               no-response
1300/tcp  open|filtered h323hostcallsc       no-response
1301/tcp  open|filtered ci3-software-1       no-response
1309/tcp  open|filtered jtag-server          no-response
1310/tcp  open|filtered husky                no-response
1311/tcp  open|filtered rxmon                no-response
1322/tcp  open|filtered novation             no-response
1328/tcp  open|filtered ewall                no-response
1334/tcp  open|filtered writesrv             no-response
1352/tcp  open|filtered lotusnotes           no-response
1417/tcp  open|filtered timbuktu-srv1        no-response
1433/tcp  open|filtered ms-sql-s             no-response
1434/tcp  open|filtered ms-sql-m             no-response
1443/tcp  open|filtered ies-lm               no-response
1455/tcp  open|filtered esl-lm               no-response
1461/tcp  open|filtered ibm_wrless_lan       no-response
1494/tcp  open|filtered citrix-ica           no-response
1500/tcp  open|filtered vlsi-lm              no-response
1501/tcp  open|filtered sas-3                no-response
1503/tcp  open|filtered imtc-mcs             no-response
1521/tcp  open|filtered Oracle               no-response
1524/tcp  open|filtered ingreslock           no-response
1533/tcp  open|filtered virtual-places       no-response
1556/tcp  open|filtered veritas_pbx          no-response
1580/tcp  open|filtered tn-tl-r1             no-response
1583/tcp  open|filtered simbaexpress         no-response
1594/tcp  open|filtered sixtrak              no-response
1600/tcp  open|filtered issd                 no-response
1641/tcp  open|filtered invision             no-response
1658/tcp  open|filtered sixnetudr            no-response
1666/tcp  open|filtered netview-aix-6        no-response
1687/tcp  open|filtered nsjtp-ctrl           no-response
1688/tcp  open|filtered nsjtp-data           no-response
1700/tcp  open|filtered mps-raft             no-response
1717/tcp  open|filtered fj-hdnet             no-response
1718/tcp  open|filtered h323gatedisc         no-response
1719/tcp  open|filtered h323gatestat         no-response
1720/tcp  open|filtered h323q931             no-response
1721/tcp  open|filtered caicci               no-response
1723/tcp  open|filtered pptp                 no-response
1755/tcp  open|filtered wms                  no-response
1761/tcp  open|filtered landesk-rc           no-response
1782/tcp  open|filtered hp-hcip              no-response
1783/tcp  open|filtered unknown              no-response
1801/tcp  open|filtered msmq                 no-response
1805/tcp  open|filtered enl-name             no-response
1812/tcp  open|filtered radius               no-response
1839/tcp  open|filtered netopia-vo1          no-response
1840/tcp  open|filtered netopia-vo2          no-response
1862/tcp  open|filtered mysql-cm-agent       no-response
1863/tcp  open|filtered msnp                 no-response
1864/tcp  open|filtered paradym-31           no-response
1875/tcp  open|filtered westell-stats        no-response
1900/tcp  open|filtered upnp                 no-response
1914/tcp  open|filtered Elm-momentum         no-response
1935/tcp  open|filtered rtmp                 no-response
1947/tcp  open|filtered sentinelsrm          no-response
1971/tcp  open|filtered netop-school         no-response
1972/tcp  open|filtered intersys-cache       no-response
1974/tcp  open|filtered drp                  no-response
1984/tcp  open|filtered bigbrother           no-response
1998/tcp  open|filtered x25-svc-port         no-response
1999/tcp  open|filtered tcp-id-port          no-response
2000/tcp  open|filtered Cisco-sccp           no-response
2001/tcp  open|filtered dc                   no-response
2002/tcp  open|filtered globe                no-response
2003/tcp  open|filtered finger               no-response
2004/tcp  open|filtered mailbox              no-response
2005/tcp  open|filtered deslogin             no-response
2006/tcp  open|filtered invokator            no-response
2007/tcp  open|filtered dectalk              no-response
2008/tcp  open|filtered conf                 no-response
2009/tcp  open|filtered news                 no-response
2010/tcp  open|filtered search               no-response
2013/tcp  open|filtered raid-am              no-response
2020/tcp  open|filtered xinupageserver       no-response
2021/tcp  open|filtered servexec             no-response
2022/tcp  open|filtered down                 no-response
2030/tcp  open|filtered device2              no-response
2033/tcp  open|filtered glogger              no-response
2034/tcp  open|filtered scoremgr             no-response
2035/tcp  open|filtered imsldoc              no-response
2038/tcp  open|filtered objectmanager        no-response
2040/tcp  open|filtered lam                  no-response
2041/tcp  open|filtered interbase            no-response
2042/tcp  open|filtered isis                 no-response
2043/tcp  open|filtered isis-bcast           no-response
2045/tcp  open|filtered cdfunc               no-response
2046/tcp  open|filtered sdfunc               no-response
2047/tcp  open|filtered dls                  no-response
2048/tcp  open|filtered dls-monitor          no-response
2049/tcp  open|filtered nfs                  no-response
2065/tcp  open|filtered dlsrpn               no-response
2068/tcp  open|filtered avocentkvm           no-response
2099/tcp  open|filtered h2250-annex-g        no-response
2100/tcp  open|filtered amiganetfs           no-response
2103/tcp  open|filtered zephyr-clt           no-response
2105/tcp  open|filtered eklogin              no-response
2106/tcp  open|filtered ekshell              no-response
2107/tcp  open|filtered msmq-mgmt            no-response
2111/tcp  open|filtered kx                   no-response
2119/tcp  open|filtered gsigatekeeper        no-response
2121/tcp  open|filtered ccproxy-ftp          no-response
2126/tcp  open|filtered pktcable-cops        no-response
2135/tcp  open|filtered gris                 no-response
2144/tcp  open|filtered lv-ffx               no-response
2160/tcp  open|filtered apc-2160             no-response
2161/tcp  open|filtered apc-agent            no-response
2170/tcp  open|filtered eyetv                no-response
2179/tcp  open|filtered vmrdp                no-response
2190/tcp  open|filtered tivoconnect          no-response
2191/tcp  open|filtered tvbus                no-response
2196/tcp  open|filtered unknown              no-response
2200/tcp  open|filtered ici                  no-response
2222/tcp  open|filtered EtherNetIP-1         no-response
2251/tcp  open|filtered dif-port             no-response
2260/tcp  open|filtered apc-2260             no-response
2288/tcp  open|filtered netml                no-response
2301/tcp  open|filtered compaqdiag           no-response
2323/tcp  open|filtered 3d-nfsd              no-response
2366/tcp  open|filtered qip-login            no-response
2381/tcp  open|filtered compaq-https         no-response
2382/tcp  open|filtered ms-olap3             no-response
2383/tcp  open|filtered ms-olap4             no-response
2393/tcp  open|filtered ms-olap1             no-response
2394/tcp  open|filtered ms-olap2             no-response
2399/tcp  open|filtered fmpro-fdal           no-response
2401/tcp  open|filtered cvspserver           no-response
2492/tcp  open|filtered groove               no-response
2500/tcp  open|filtered rtsserv              no-response
2522/tcp  open|filtered windb                no-response
2525/tcp  open|filtered ms-v-worlds          no-response
2557/tcp  open|filtered nicetec-mgmt         no-response
2601/tcp  open|filtered zebra                no-response
2602/tcp  open|filtered ripd                 no-response
2604/tcp  open|filtered ospfd                no-response
2605/tcp  open|filtered bgpd                 no-response
2607/tcp  open|filtered connection           no-response
2608/tcp  open|filtered wag-service          no-response
2638/tcp  open|filtered sybase               no-response
2701/tcp  open|filtered sms-rcinfo           no-response
2702/tcp  open|filtered sms-xfer             no-response
2710/tcp  open|filtered sso-service          no-response
2717/tcp  open|filtered pn-requester         no-response
2718/tcp  open|filtered pn-requester2        no-response
2725/tcp  open|filtered msolap-ptp2          no-response
2800/tcp  open|filtered acc-raid             no-response
2809/tcp  open|filtered corbaloc             no-response
2811/tcp  open|filtered gsiftp               no-response
2869/tcp  open|filtered icslap               no-response
2875/tcp  open|filtered dxmessagebase2       no-response
2909/tcp  open|filtered funk-dialout         no-response
2910/tcp  open|filtered tdaccess             no-response
2920/tcp  open|filtered roboeda              no-response
2967/tcp  open|filtered symantec-av          no-response
2968/tcp  open|filtered enpp                 no-response
2998/tcp  open|filtered iss-realsec          no-response
3000/tcp  open|filtered ppp                  no-response
2
mrashid

-sN TCP NULLスキャンオプションを使用しています。このスキャンは、フラグが設定されていないTCPパケットを送信します。これは無効なパケットです。 RFCに対して、ポートが閉じている場合、システムはRSTでそれに応答するか、ポートが開いている場合はそれをドロップする必要があります。ただし、実際にこれを行うのは一部の(ほとんどがUnix由来の)システムだけです。他のシステムはすべてに対して同じ方法で応答します無効なパケット:ドロップするか、RSTを送信します。

REASON列のno-responseからわかるように、システムが無効なパケットをすべてドロップしているようです。したがって、このスキャン方法はこのターゲットでは機能しません。実際、最新の(ポストNmap)ファイアウォールを使用すると、-sS-sT以外のTCPスキャンメソッド)を使用できなくなる可能性があります。

2
bonsaiviking