| [Question] giúp đỡ về filewalk.nse trong Nmap |
22/12/2012 14:46:02 (+0700) | #1 | 272036 |
V.I.C
Member
![[Minus]](/hvaonline/templates/viet/images/minus.gif "[Minus]") |
0 |
![[Plus]](/hvaonline/templates/viet/images/plus.gif "[Plus]")
|
|
Joined: 25/10/2012 02:38:34
Messages: 12
Offline
|
|
Em đang tìm hiểu firewalk.nse (trong phần Nmap Scripting Engine) của công cụ Nmap, ai chỉ giúp em cơ chế hoạt động của firewalk.nse này hoạt động như thế nào với
code: http://nmap.org/nsedoc/scripts/firewalk.html |
|
|
 |
|
| [Question] giúp đỡ về filewalk.nse trong Nmap |
22/12/2012 22:20:03 (+0700) | #2 | 272040 |
![[Avatar]](/hvaonline/images/avatar/3f44f3018ff71ff4a7d22a98f3babb55.png "[Avatar]")
|
quanta
Moderator
|
Joined: 28/07/2006 14:44:21
Messages: 7265
Location: $ locate `whoami`
Offline
|
|
Mình thấy bạn đang đọc nhiều về Nmap nhưng "có vẻ" kiến thức cơ bản chưa được tốt. Nên chăng ngừng việc tìm hiểu Nmap lại, đọc về TCP/IP trước. Khi nắm chắc TCP/IP rồi, bạn sẽ thấy đoạn giải thích ở đường link bạn đưa phía trên khá dễ hiểu:
http://nmap.org/nsedoc/scripts/firewalk.html wrote:
To determine a rule on a given gateway, the scanner sends a probe to a metric located behind the gateway, with a TTL one higher than the gateway. If the probe is forwarded by the gateway, then we can expect to receive an ICMP_TIME_EXCEEDED reply from the gateway next hop router, or eventually the metric itself if it is directly connected to the gateway. Otherwise, the probe will timeout.
It starts with a TTL equals to the distance to the target. If the probe timeout, then it is resent with a TTL decreased by one. If we get an ICMP_TIME_EXCEEDED, then the scan is over for this probe.
Every "no-reply" filtered TCP and UDP ports are probed. As for UDP scans, this process can be quite slow if lots of ports are blocked by a gateway close to the scanner.
|
|
| Let's build on a great foundation! |
|
|
|
|
|
|
| Users currently in here |
|
1 Anonymous
|
|
Powered by JForum - Extended by HVAOnline
hvaonline.net | hvaforum.net | hvazone.net | hvanews.net | vnhacker.org
1999 - 2013 ©
v2012|0504|218|
|
|
![[Rule]](/hvaonline/templates/viet/images/icon_mini_rule.gif "[Rule]"){kind=icon}
![[Home]](/hvaonline/templates/viet/images/icon_mini_groups.gif "[Home]"){kind=icon}
![[Portal]](/hvaonline/templates/viet/images/icon_mini_portal.gif "[Portal]"){kind=icon}
![[Members]](/hvaonline/templates/viet/images/icon_mini_members.gif "[Members]"){kind=icon}
![[Statistics]](/hvaonline/templates/viet/images/icon_mini_stats.gif "[Statistics]"){kind=icon}
![[Search]](/hvaonline/templates/viet/images/icon_mini_search.gif "[Search]"){kind=icon}
![[Reading Room]](/hvaonline/templates/viet/images/icon_mini_book.gif "[Reading Room]"){kind=icon}
![[Register]](/hvaonline/templates/viet/images/icon_mini_register.gif "[Register]"){kind=icon}
Register![[Login]](/hvaonline/templates/viet/images/icon_mini_login.gif "[Login]"){kind=icon}
Login [
Thảo luận mạng và thiết bị mạng
![[Profile]](/hvaonline/templates/viet/images/en_US/icon_profile.gif "[Profile]"){kind=icon}
![[PM]](/hvaonline/templates/viet/images/en_US/icon_pm.gif "[PM]"){kind=icon}
![[Up]](/hvaonline/templates/viet/images/en_US/icon_up.gif "[Up]"){kind=icon}
![[Print Copy]](/hvaonline/templates/viet/images/en_US/icon_print.gif "[Print Copy]"){kind=icon}
![[digg]](/hvaonline/templates/viet/images/digg.gif "[digg]")
![[delicious]](/hvaonline/templates/viet/images/delicious.gif "[delicious]")
![[google]](/hvaonline/templates/viet/images/google.gif "[google]")
![[yahoo]](/hvaonline/templates/viet/images/yahoo.gif "[yahoo]")
![[technorati]](/hvaonline/templates/viet/images/technorati.gif "[technorati]")
![[reddit]](/hvaonline/templates/viet/images/reddit.gif "[reddit]")
![[stumbleupon]](/hvaonline/templates/viet/images/stumbleupon.gif "[stumbleupon]")