套接字 - 发现防火墙端口
我正在阅读 nmap 源代码,因为我想了解它如何发现某些端口被过滤或防火墙。我对 c 中的套接字有一些经验,并且我构建了简单的端口扫描器,这很简单 - 如果连接成功,则端口打开,否则端口关闭(因为返回了 RST)。但如果使用防火墙端口,它们不会返回 RST 数据包,我的端口扫描器只会永远“等待”。
如果有人对此主题有经验,请向我指出 nmap 代码中实际扫描和端口状态确定发生的部分,或者至少告诉我是否有任何其他代码可以处理此问题。
I was reading the nmap source code because I'd like to find out how does it discover that certain ports are filtered or firewalled. I have some experience with sockets in c and i've built simple port scanners, that's easy - if the connection succeeds, the port is open, otherwise it's closed (because of the RST returned). But in case with the firewalled ports, they don't return RST packet back, and my port scanner just "waits" forever.
If someone's got experience with this topic, please point me to the parts of the nmap code where the actual scanning and port-state determination occurs, or at least tell me if there are any other codes available which deal with this problem.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
使用异步套接字 API 调用(即不要等待连接建立,而是并行尝试下一个端口/地址)并定义合理的超时(例如,如果一分钟后未建立连接,您可以考虑这样做)过滤)。
Use asynchronous socket API calls (i.e. don't wait for the connection to be established, and instead try the next port/address in parallel) and define a reasonable timeout (e.g. if the connection isn't established after a minute you can consider it filtered).