首页 \ 问答 \ nmap ActiveMq问题(nmap ActiveMq issue)

nmap ActiveMq问题(nmap ActiveMq issue)

当我使用运行我的服务的nmap(nmap 5.21版本)扫描一个端口时,它工作正常(我可以登录到我的服务,它在端口28443上运行)。

nmap -P0 -sT -A -p 28443 -oN /root/abhiNmap.txt nmap v <IP>

但是当我扫描所有65k端口时,扫描很好,但之后我无法登录同一端口上的服务。 它被绞死了。

nmap -P0 -sT -A -p 1-65535 -oN /root/abhiNmap.txt nmap v <IP>.

虽然netstat -an | grep 28443 netstat -an | grep 28443 ,它正在同一个端口上正常收听。

解决之后它工作正常:停止tomcat - > service activemq restart - >启动tomcat。

我无法在nmap和activeMq之间进行关联。 是否存在影响activemq的任何关系或事物? 提前致谢。


When I'm scanning only one port using nmap (nmap 5.21 version) on which my service is running, it is working fine (I'm able to login to my service which is running on port 28443).

nmap -P0 -sT -A -p 28443 -oN /root/abhiNmap.txt nmap v <IP>

but when I'm scanning all 65k port, scan is fine but after that I'm not able to login to service on same port. It gets hanged.

nmap -P0 -sT -A -p 1-65535 -oN /root/abhiNmap.txt nmap v <IP>.

though netstat -an | grep 28443, it is listening properly on same port.

Work around after which it is working fine: stop tomcat -> service activemq restart -> start tomcat.

I'm not able to correlated between nmap and activeMq. Is there any relation or something which is affecting activemq? Thanks in advance.


原文:https://stackoverflow.com/questions/22066033
更新时间:2019-10-28 03:00

最满意答案

对挂起的服务进行故障诊 第一步是将扫描削减到可以重现挂起条件的最小探针集。 您的命令行包含-A标志,该标志打开Nmap的所有高级功能。 以下是一些尝试的扫描,以及它们对挂起服务的意义:

  1. nmap -sT -p1-65535 <IP> - 简单的全端口扫描
  2. nmap -sT -p1-10,28443 -O <IP> - 在单端口扫描中通常会跳过OS检测,因此我们会抛出一些可能被关闭的额外端口以强制它。
  3. nmap -sT -p1-65535 -sV <IP> - 具有服务版本检测的全端口扫描。 这通常会导致服务崩溃,因为它会向开放端口发送许多独特的探测器。
  4. nmap -sT -p1-65535 -sV -sC <IP> - 如果之前的扫描没有崩溃,那么这个可能,因为它运行与开放服务交互的额外NSE脚本
  5. nmap -sT -p1-65535 --traceroute <IP> - 这不是罪魁祸首,但它是-A包含的最后一个功能。

一旦您的扫描将反复崩溃服务,您应该检查服务的日志,看看您是否能理解它崩溃的原因。 您可能还想开始从扫描中删除端口以查看哪个端口正在影响您的服务:从您的问题,我猜测28443实际上是正常的,但可能有另一个开放端口到另一个与之交互的服务,这是真是那个打破的人。

一旦找出问题所在,就应该采取措施确保它不会继续成为问题:

  1. 使用防火墙限制对易受攻击服务的访问。
  2. 将错误报告发送给服务软件的维护者,列出重现挂起条件的步骤。
  3. 发送邮件至dev@nmap.org,并附上重现步骤。 开发人员可能能够更改发送到此服务的探针以避免崩溃。
  4. 将您的发现贡献给网络扫描监视列表,以便其他人可以避免崩溃他们自己的服务。

最后,我想指出Nmap 5.21是在2010年发布的,现在已经有4年了。 在撰写本文时, 最新版本的Nmap是6.40,包含许多错误修复和新功能。


Troubleshooting hung services can be difficult. The first step would be to pare down the scan to the smallest set of probes that can reproduce the hang condition. Your command line includes the -A flag, which turns on all of Nmap's advanced features. Here are a few scans to try, and what they mean for the hung service:

  1. nmap -sT -p1-65535 <IP> - A simple all-ports scan
  2. nmap -sT -p1-10,28443 -O <IP> - OS detection would usually be skipped on a single-port scan, so we throw in some extra ports that are likely to be closed in order to force it.
  3. nmap -sT -p1-65535 -sV <IP> - All-ports scan with service version detection. This is usually the phase that will crash services, since it sends many unique probes to open ports.
  4. nmap -sT -p1-65535 -sV -sC <IP> - If the previous scan didn't crash it, this one may, since it runs extra NSE scripts that interact with open services.
  5. nmap -sT -p1-65535 --traceroute <IP> - Very unlikely that this is the culprit, but it is the last feature that is included in -A.

Once you have a scan that will repeatedly crash the service, you should check the service's logs to see if you can understand why it crashed. You may also want to start removing ports from the scan to see which port is affecting your service: From your question, I would guess that 28443 is actually fine, but there may be another open port to another service that it interacts with, which is really the one that breaks.

Once you figure out what is the problem, you should take steps to ensure it doesn't continue to be a problem:

  1. Use a firewall to limit access to the vulnerable service.
  2. Send a bug report to the maintainers of the service software listing steps to reproduce the hang condition.
  3. Send a message to dev@nmap.org with the steps to reproduce. The developers may be able to change the probes that are sent to this service to avoid a crash.
  4. Contribute your findings to the Network Scanning Watch List so other people can avoid crashing their own services.

Finally, I would like to point out that Nmap 5.21 was released in 2010, and is now 4 years old. The latest version of Nmap is 6.40 as of this writing, and contains many bug fixes and new features.

2014-02-27

相关问答

更多

nmap ActiveMq问题(nmap ActiveMq issue)

对挂起的服务进行故障诊 第一步是将扫描削减到可以重现挂起条件的最小探针集。 您的命令行包含-A标志,该标志打开Nmap的所有高级功能。 以下是一些尝试的扫描,以及它们对挂起服务的意义: nmap -sT -p1-65535 <IP> - 简单的全端口扫描 nmap -sT -p1-10,28443 -O <IP> - 在单端口扫描中通常会跳过OS检测,因此我们会抛出一些可能被关闭的额外端口以强制它。 nmap -sT -p1-65535 -sV <IP> - 具有服务版本检测的全端口扫描。 这通常 ...

ActiveMQ没有启动(ActiveMQ is not starting)

您必须通过命令启动ActiveMQ: activemq-admin.bat start activemq.bat用于管理,这就是你设置参数的原因 You must start ActiveMQ by command: activemq-admin.bat start activemq.bat is for managment, that's why you have set arguments

activemq问题

import javax.jms.Connection; import javax.jms.DeliveryMode; import javax.jms.Destination; import javax.jms.JMSException; import javax.jms.MessageProducer; import javax.jms.Session; import javax.jms.TextMessage; jms.jar ================================ ...

('未找到Nmap',)(('Nmap not found', ))

python-nmap似乎依赖于nmap ,这是进行实际网络扫描和审计的二进制文件。 您可以使用以下命令检查终端是否nmap在$PATH : which nmap Debian的样 你可以在debian-like发行版中安装nmap: apt-get install nmap Arch linux: pacman -Sy nmap 已经安装了nmap 如果您确定已安装nmap二进制文件,但您认为它不在$PATH ,则可能必须将安装了nmap的目录添加到$PATH 。 为此,编辑用户目录中的 ...

jmx似乎没有使用activeMQ(jmx doesnt seem to be working with activeMQ)

默认情况下启用远程监控的密码验证。 要禁用它,请在启动JVM时设置以下系统属性:-Dcom.sun.management.jmxremote.authenticate = false,就像在第二次测试中完成的那样但是需要添加系统属性-Dcom.sun.management.jmxremote 尝试将这些jvm param添加到env文件并更新主机ip -Djava.net.preferIPv4Stack = true -Djava.rmi.server.hostname = XXXX UPDATE ...

Nmap和其结果的grepping(Nmap and grepping of its results)

这应该做: nmap 8.8.8.8 | awk '/report/ {split($NF,a,"[()]");print a[2],$5}' 8.8.8.8 google-public-dns-a.google.com This should do: nmap 8.8.8.8 | awk '/report/ {split($NF,a,"[()]");print a[2],$5}' 8.8.8.8 google-public-dns-a.google.com

解析Nmap结果BASH(Parse Nmap result BASH)

您可以使用xml输出并使用xmllint分析输出: nmap -p 21 -oX - "$IP"/24 | xmllint --xpath '//port[@portid="21"]/state[@state="open"]/../../../address/@addr' - You can use xml output and parse the output using xmllint: nmap -p 21 -oX - "$IP"/24 | xmllint --xpath '//port[ ...

python中的Nmap模块问题(Nmap module issues in python)

看起来您的环境路径设置不正确。 如果打开C:\Python33\Lib\site-packages\nmap\nmap.py文件进行编辑,请查看第192行。它在哪里看? 可能只需要使用自安装程序重新安装,安装程序应该为您设置路径变量。 http://nmap.org/book/inst-windows.html It looks like your environment path is not setup correctly. If you open the C:\Python33\Lib\si ...

Servicemix ActiveMQ性能问题(Servicemix ActiveMQ performance issue)

您可以尝试使用KahaDB而不是“amqPersistenceAdapter”。 通过切换到这一点,我们看到了巨大的吞吐量增长。 这是我们使用的配置(高度依赖于您的应用程序,但请确保“enableJournalDiskSyncs”设置为false) <persistenceAdapter> <kahaDB directory="../data/kaha" enableJournalDiskSyncs="false" index ...

如何编辑nmap输出(How to edit nmap output)

你可以尝试使用shell脚本; nmap 192.168.1.* -p80 --open | grep report > output;printf "Number of devices with port 80 open: "; cat output| wc -l 输出: Number of devices with port 80 open: 3 you can try to use a shell script; nmap 192.168.1.* -p80 --open | gre ...

相关文章

更多

最新问答

更多
  • 如何保护Solr只允许SELECT请求给用户并禁止其他任何东西?(How to secure Solr to allow SELECT request to only users and disallow anything else?)
  • XPath表达式无效/错误TFHpple SWIFT 1.2(XPath Expression not working/incorrect TFHpple SWIFT 1.2)
  • css3 3D变换不能平滑地制作动画(css3 3D transform doesn't animate smoothly)
  • 运行时错误'91'和Outlook.Application = <对象变量或没有设置块变量>?(Run-time error '91' & Outlook.Application = Object variable or With block variable not set?)
  • 慢的webservice问题(Slow webservice problem)
  • textview的不正确对齐方式(Improper alignment of a textview)
  • 在第一步“Hello World”中出现Java错误(Cannot run “Hello World” program in Eclipse)
  • 为什么十六进制地址是14个字符?(why the hex address is 14 character?)
  • 如何在Python中的不同类中使用变量?(How to use variable in different classes in Python?)
  • asp:GridView HYPERLINKFIELD - datanavigateurlformatstring中的asp代码(asp:GridView HYPERLINKFIELD - asp code inside datanavigateurlformatstring)
  • 关于adaboost算法(About adaboost algorithm)
  • 在Matlab上内置图像(Built in Images on Matlab)
  • java swing:输入键事件时焦点丢失(java swing: Focus lost on enter key event)
  • C#中的通用约束,T是相同的TSomethingElse,对吧?(Generic constraints in C#, T is the same TSomethingElse, right?)
  • 从mybatis中的光标获取数据(Fetching data from cursor in mybatis)
  • 在运行时从XML构建对象的最佳方法(Best way for building objects out of XMLs at runtime)
  • 在整个窗口中拉伸sf :: Sprite(Stretch sf::Sprite across entire window)
  • Selenium Node API Web驱动程序等待超时处理程序(Selenium Node API web driver wait timeout handler)
  • 函数使用并且是map的一部分(循环依赖?)(Function uses and is part of map (circular dependency?))
  • 是否可以在C ++ 14中使用可选模板参数创建类型元组?(Is possible to make a tuple of types with optional template parameters in C++14?)
  • PHP从窗帘后面打印/ f(PHP prints /f from behind the curtains)
  • JFrame的contentPane的LayoutManager(LayoutManager of JFrame's contentPane)
  • 用于Instagram Feed的图像滚动(Image Roll Overs for Instagram Feed)
  • 如何显示拉伸字体(双倍宽度/高度)?(How to display stretched font (double width/height)?)
  • 文件操作API在fileapi.h和stdio.h中的WP8差异?(WP8 differences between file manipulation APIs in fileapi.h and stdio.h?)
  • 保存失败后Rails没有回滚事务()(Rails not rolling back transaction after failed save())
  • jqgrid中的分页问题与数组数据(Pagination problem in jqgrid with array data)
  • 重定向时,通过其他页面上的URL调用javascript函数(Call javascript function through url on otherpage while Redirecting)
  • 如何使用InvokeCommandAction调用我的方法并传入参数?(How do I go about using InvokeCommandAction to call a method of mine and pass in parameters?)
  • Jquerymobile按钮仅显示页面的第一个外观(Jquerymobile buttons are shown only first apperance of the page)