J'ai effectué une analyse NMAP sur mon serveur avec un pare-feu F5 la protégeant.
J'ai utilisé la commande NMAP nmap -vvv -f -Pn -mtu 8 -sN -oN nmap-results.txt 192.168.22.102
J'ai eu ce résultat mais cela semble suspect. Ce résultat est-il vrai et comment puis-je le vérifier?
PORT STATE SERVICE REASON
1/tcp open|filtered tcpmux no-response
3/tcp open|filtered compressnet no-response
4/tcp open|filtered unknown no-response
6/tcp open|filtered unknown no-response
7/tcp open|filtered echo no-response
9/tcp open|filtered discard no-response
13/tcp open|filtered daytime no-response
17/tcp open|filtered qotd no-response
19/tcp open|filtered chargen no-response
20/tcp open|filtered ftp-data no-response
21/tcp open|filtered ftp no-response
22/tcp open|filtered ssh no-response
23/tcp open|filtered telnet no-response
24/tcp open|filtered priv-mail no-response
25/tcp open|filtered smtp no-response
26/tcp open|filtered rsftp no-response
30/tcp open|filtered unknown no-response
32/tcp open|filtered unknown no-response
33/tcp open|filtered dsp no-response
37/tcp open|filtered time no-response
42/tcp open|filtered nameserver no-response
43/tcp open|filtered whois no-response
49/tcp open|filtered tacacs no-response
53/tcp open|filtered domain no-response
70/tcp open|filtered Gopher no-response
79/tcp open|filtered finger no-response
80/tcp open|filtered http no-response
81/tcp open|filtered hosts2-ns no-response
82/tcp open|filtered xfer no-response
83/tcp open|filtered mit-ml-dev no-response
84/tcp open|filtered ctf no-response
85/tcp open|filtered mit-ml-dev no-response
88/tcp open|filtered kerberos-sec no-response
89/tcp open|filtered su-mit-tg no-response
90/tcp open|filtered dnsix no-response
99/tcp open|filtered metagram no-response
100/tcp open|filtered newacct no-response
106/tcp open|filtered pop3pw no-response
109/tcp open|filtered pop2 no-response
110/tcp open|filtered pop3 no-response
111/tcp open|filtered rpcbind no-response
113/tcp open|filtered ident no-response
119/tcp open|filtered nntp no-response
125/tcp open|filtered locus-map no-response
135/tcp open|filtered msrpc no-response
139/tcp open|filtered netbios-ssn no-response
143/tcp open|filtered imap no-response
144/tcp open|filtered news no-response
146/tcp open|filtered iso-tp0 no-response
161/tcp open|filtered snmp no-response
163/tcp open|filtered cmip-man no-response
179/tcp open|filtered bgp no-response
199/tcp open|filtered smux no-response
211/tcp open|filtered 914c-g no-response
212/tcp open|filtered anet no-response
222/tcp open|filtered rsh-spx no-response
254/tcp open|filtered unknown no-response
255/tcp open|filtered unknown no-response
256/tcp open|filtered fw1-secureremote no-response
259/tcp open|filtered esro-gen no-response
264/tcp open|filtered bgmp no-response
280/tcp open|filtered http-mgmt no-response
301/tcp open|filtered unknown no-response
306/tcp open|filtered unknown no-response
311/tcp open|filtered asip-webadmin no-response
340/tcp open|filtered unknown no-response
366/tcp open|filtered odmr no-response
389/tcp open|filtered ldap no-response
406/tcp open|filtered imsp no-response
407/tcp open|filtered timbuktu no-response
416/tcp open|filtered silverplatter no-response
417/tcp open|filtered onmux no-response
425/tcp open|filtered icad-el no-response
427/tcp open|filtered svrloc no-response
443/tcp open|filtered https no-response
444/tcp open|filtered snpp no-response
445/tcp open|filtered Microsoft-ds no-response
458/tcp open|filtered appleqtc no-response
464/tcp open|filtered kpasswd5 no-response
465/tcp open|filtered smtps no-response
481/tcp open|filtered dvs no-response
497/tcp open|filtered retrospect no-response
500/tcp open|filtered isakmp no-response
512/tcp open|filtered exec no-response
513/tcp open|filtered login no-response
514/tcp open|filtered Shell no-response
515/tcp open|filtered printer no-response
524/tcp open|filtered ncp no-response
541/tcp open|filtered uucp-rlogin no-response
543/tcp open|filtered klogin no-response
544/tcp open|filtered kshell no-response
545/tcp open|filtered ekshell no-response
548/tcp open|filtered afp no-response
554/tcp open|filtered rtsp no-response
555/tcp open|filtered dsf no-response
563/tcp open|filtered snews no-response
587/tcp open|filtered submission no-response
593/tcp open|filtered http-rpc-epmap no-response
616/tcp open|filtered sco-sysmgr no-response
617/tcp open|filtered sco-dtmgr no-response
625/tcp open|filtered Apple-xsrvr-admin no-response
631/tcp open|filtered ipp no-response
636/tcp open|filtered ldapssl no-response
646/tcp open|filtered ldp no-response
648/tcp open|filtered rrp no-response
666/tcp open|filtered Doom no-response
667/tcp open|filtered disclose no-response
668/tcp open|filtered mecomm no-response
683/tcp open|filtered corba-iiop no-response
687/tcp open|filtered asipregistry no-response
691/tcp open|filtered resvc no-response
700/tcp open|filtered epp no-response
705/tcp open|filtered agentx no-response
711/tcp open|filtered Cisco-tdp no-response
714/tcp open|filtered iris-xpcs no-response
720/tcp open|filtered unknown no-response
722/tcp open|filtered unknown no-response
726/tcp open|filtered unknown no-response
749/tcp open|filtered kerberos-adm no-response
765/tcp open|filtered webster no-response
777/tcp open|filtered multiling-http no-response
783/tcp open|filtered spamassassin no-response
787/tcp open|filtered qsc no-response
800/tcp open|filtered mdbs_daemon no-response
801/tcp open|filtered device no-response
808/tcp open|filtered ccproxy-http no-response
843/tcp open|filtered unknown no-response
873/tcp open|filtered rsync no-response
880/tcp open|filtered unknown no-response
888/tcp open|filtered accessbuilder no-response
898/tcp open|filtered Sun-manageconsole no-response
900/tcp open|filtered omginitialrefs no-response
901/tcp open|filtered samba-swat no-response
902/tcp open|filtered iss-realsecure no-response
903/tcp open|filtered iss-console-mgr no-response
911/tcp open|filtered xact-backup no-response
912/tcp open|filtered apex-mesh no-response
981/tcp open|filtered unknown no-response
987/tcp open|filtered unknown no-response
990/tcp open|filtered ftps no-response
992/tcp open|filtered telnets no-response
993/tcp open|filtered imaps no-response
995/tcp open|filtered pop3s no-response
999/tcp open|filtered garcon no-response
1000/tcp open|filtered cadlock no-response
1001/tcp open|filtered webpush no-response
1002/tcp open|filtered windows-icfw no-response
1007/tcp open|filtered unknown no-response
1009/tcp open|filtered unknown no-response
1010/tcp open|filtered surf no-response
1011/tcp open|filtered unknown no-response
1021/tcp open|filtered exp1 no-response
1022/tcp open|filtered exp2 no-response
1023/tcp open|filtered netvenuechat no-response
1024/tcp open|filtered kdm no-response
1025/tcp open|filtered NFS-or-IIS no-response
1026/tcp open|filtered LSA-or-nterm no-response
1027/tcp open|filtered IIS no-response
1028/tcp open|filtered unknown no-response
1029/tcp open|filtered ms-lsa no-response
1030/tcp open|filtered iad1 no-response
1031/tcp open|filtered iad2 no-response
1032/tcp open|filtered iad3 no-response
1033/tcp open|filtered netinfo no-response
1034/tcp open|filtered zincite-a no-response
1035/tcp open|filtered multidropper no-response
1036/tcp open|filtered nsstp no-response
1037/tcp open|filtered ams no-response
1038/tcp open|filtered mtqp no-response
1039/tcp open|filtered sbl no-response
1040/tcp open|filtered netsaint no-response
1041/tcp open|filtered danf-ak2 no-response
1042/tcp open|filtered afrog no-response
1043/tcp open|filtered boinc no-response
1044/tcp open|filtered dcutility no-response
1045/tcp open|filtered fpitp no-response
1046/tcp open|filtered wfremotertm no-response
1047/tcp open|filtered neod1 no-response
1048/tcp open|filtered neod2 no-response
1049/tcp open|filtered td-postman no-response
1050/tcp open|filtered Java-or-OTGfileshare no-response
1051/tcp open|filtered optima-vnet no-response
1052/tcp open|filtered ddt no-response
1053/tcp open|filtered remote-as no-response
1054/tcp open|filtered brvread no-response
1055/tcp open|filtered ansyslmd no-response
1056/tcp open|filtered vfo no-response
1057/tcp open|filtered startron no-response
1058/tcp open|filtered nim no-response
1059/tcp open|filtered nimreg no-response
1060/tcp open|filtered polestar no-response
1061/tcp open|filtered kiosk no-response
1062/tcp open|filtered veracity no-response
1063/tcp open|filtered kyoceranetdev no-response
1064/tcp open|filtered jstel no-response
1065/tcp open|filtered syscomlan no-response
1066/tcp open|filtered fpo-fns no-response
1067/tcp open|filtered instl_boots no-response
1068/tcp open|filtered instl_bootc no-response
1069/tcp open|filtered cognex-insight no-response
1070/tcp open|filtered gmrupdateserv no-response
1071/tcp open|filtered bsquare-voip no-response
1072/tcp open|filtered cardax no-response
1073/tcp open|filtered bridgecontrol no-response
1074/tcp open|filtered warmspotMgmt no-response
1075/tcp open|filtered rdrmshc no-response
1076/tcp open|filtered sns_credit no-response
1077/tcp open|filtered imgames no-response
1078/tcp open|filtered avocent-proxy no-response
1079/tcp open|filtered asprovatalk no-response
1080/tcp open|filtered socks no-response
1081/tcp open|filtered pvuniwien no-response
1082/tcp open|filtered amt-esd-prot no-response
1083/tcp open|filtered ansoft-lm-1 no-response
1084/tcp open|filtered ansoft-lm-2 no-response
1085/tcp open|filtered webobjects no-response
1086/tcp open|filtered cplscrambler-lg no-response
1087/tcp open|filtered cplscrambler-in no-response
1088/tcp open|filtered cplscrambler-al no-response
1089/tcp open|filtered ff-annunc no-response
1090/tcp open|filtered ff-fms no-response
1091/tcp open|filtered ff-sm no-response
1092/tcp open|filtered obrpd no-response
1093/tcp open|filtered proofd no-response
1094/tcp open|filtered rootd no-response
1095/tcp open|filtered nicelink no-response
1096/tcp open|filtered cnrprotocol no-response
1097/tcp open|filtered sunclustermgr no-response
1098/tcp open|filtered rmiactivation no-response
1099/tcp open|filtered rmiregistry no-response
1100/tcp open|filtered mctp no-response
1102/tcp open|filtered adobeserver-1 no-response
1104/tcp open|filtered xrl no-response
1105/tcp open|filtered ftranhc no-response
1106/tcp open|filtered isoipsigport-1 no-response
1107/tcp open|filtered isoipsigport-2 no-response
1108/tcp open|filtered ratio-adp no-response
1110/tcp open|filtered nfsd-status no-response
1111/tcp open|filtered lmsocialserver no-response
1112/tcp open|filtered msql no-response
1113/tcp open|filtered ltp-deepspace no-response
1114/tcp open|filtered mini-sql no-response
1117/tcp open|filtered ardus-mtrns no-response
1119/tcp open|filtered bnetgame no-response
1121/tcp open|filtered rmpp no-response
1122/tcp open|filtered availant-mgr no-response
1123/tcp open|filtered murray no-response
1124/tcp open|filtered hpvmmcontrol no-response
1126/tcp open|filtered hpvmmdata no-response
1130/tcp open|filtered casp no-response
1131/tcp open|filtered caspssl no-response
1132/tcp open|filtered kvm-via-ip no-response
1137/tcp open|filtered trim no-response
1138/tcp open|filtered encrypted_admin no-response
1141/tcp open|filtered mxomss no-response
1145/tcp open|filtered x9-icue no-response
1147/tcp open|filtered capioverlan no-response
1148/tcp open|filtered elfiq-repl no-response
1149/tcp open|filtered bvtsonar no-response
1151/tcp open|filtered unizensus no-response
1152/tcp open|filtered winpoplanmess no-response
1154/tcp open|filtered resacommunity no-response
1163/tcp open|filtered sddp no-response
1164/tcp open|filtered qsm-proxy no-response
1165/tcp open|filtered qsm-gui no-response
1166/tcp open|filtered qsm-remote no-response
1169/tcp open|filtered tripwire no-response
1174/tcp open|filtered fnet-remote-ui no-response
1175/tcp open|filtered dossier no-response
1183/tcp open|filtered llsurfup-http no-response
1185/tcp open|filtered catchpole no-response
1186/tcp open|filtered mysql-cluster no-response
1187/tcp open|filtered alias no-response
1192/tcp open|filtered caids-sensor no-response
1198/tcp open|filtered cajo-discovery no-response
1199/tcp open|filtered dmidi no-response
1201/tcp open|filtered nucleus-sand no-response
1213/tcp open|filtered mpc-lifenet no-response
1216/tcp open|filtered etebac5 no-response
1217/tcp open|filtered hpss-ndapi no-response
1218/tcp open|filtered aeroflight-ads no-response
1233/tcp open|filtered univ-appserver no-response
1234/tcp open|filtered hotline no-response
1236/tcp open|filtered bvcontrol no-response
1244/tcp open|filtered isbconference1 no-response
1247/tcp open|filtered visionpyramid no-response
1248/tcp open|filtered hermes no-response
1259/tcp open|filtered opennl-voice no-response
1271/tcp open|filtered excw no-response
1272/tcp open|filtered cspmlockmgr no-response
1277/tcp open|filtered miva-mqs no-response
1287/tcp open|filtered routematch no-response
1296/tcp open|filtered dproxy no-response
1300/tcp open|filtered h323hostcallsc no-response
1301/tcp open|filtered ci3-software-1 no-response
1309/tcp open|filtered jtag-server no-response
1310/tcp open|filtered husky no-response
1311/tcp open|filtered rxmon no-response
1322/tcp open|filtered novation no-response
1328/tcp open|filtered ewall no-response
1334/tcp open|filtered writesrv no-response
1352/tcp open|filtered lotusnotes no-response
1417/tcp open|filtered timbuktu-srv1 no-response
1433/tcp open|filtered ms-sql-s no-response
1434/tcp open|filtered ms-sql-m no-response
1443/tcp open|filtered ies-lm no-response
1455/tcp open|filtered esl-lm no-response
1461/tcp open|filtered ibm_wrless_lan no-response
1494/tcp open|filtered citrix-ica no-response
1500/tcp open|filtered vlsi-lm no-response
1501/tcp open|filtered sas-3 no-response
1503/tcp open|filtered imtc-mcs no-response
1521/tcp open|filtered Oracle no-response
1524/tcp open|filtered ingreslock no-response
1533/tcp open|filtered virtual-places no-response
1556/tcp open|filtered veritas_pbx no-response
1580/tcp open|filtered tn-tl-r1 no-response
1583/tcp open|filtered simbaexpress no-response
1594/tcp open|filtered sixtrak no-response
1600/tcp open|filtered issd no-response
1641/tcp open|filtered invision no-response
1658/tcp open|filtered sixnetudr no-response
1666/tcp open|filtered netview-aix-6 no-response
1687/tcp open|filtered nsjtp-ctrl no-response
1688/tcp open|filtered nsjtp-data no-response
1700/tcp open|filtered mps-raft no-response
1717/tcp open|filtered fj-hdnet no-response
1718/tcp open|filtered h323gatedisc no-response
1719/tcp open|filtered h323gatestat no-response
1720/tcp open|filtered h323q931 no-response
1721/tcp open|filtered caicci no-response
1723/tcp open|filtered pptp no-response
1755/tcp open|filtered wms no-response
1761/tcp open|filtered landesk-rc no-response
1782/tcp open|filtered hp-hcip no-response
1783/tcp open|filtered unknown no-response
1801/tcp open|filtered msmq no-response
1805/tcp open|filtered enl-name no-response
1812/tcp open|filtered radius no-response
1839/tcp open|filtered netopia-vo1 no-response
1840/tcp open|filtered netopia-vo2 no-response
1862/tcp open|filtered mysql-cm-agent no-response
1863/tcp open|filtered msnp no-response
1864/tcp open|filtered paradym-31 no-response
1875/tcp open|filtered westell-stats no-response
1900/tcp open|filtered upnp no-response
1914/tcp open|filtered Elm-momentum no-response
1935/tcp open|filtered rtmp no-response
1947/tcp open|filtered sentinelsrm no-response
1971/tcp open|filtered netop-school no-response
1972/tcp open|filtered intersys-cache no-response
1974/tcp open|filtered drp no-response
1984/tcp open|filtered bigbrother no-response
1998/tcp open|filtered x25-svc-port no-response
1999/tcp open|filtered tcp-id-port no-response
2000/tcp open|filtered Cisco-sccp no-response
2001/tcp open|filtered dc no-response
2002/tcp open|filtered globe no-response
2003/tcp open|filtered finger no-response
2004/tcp open|filtered mailbox no-response
2005/tcp open|filtered deslogin no-response
2006/tcp open|filtered invokator no-response
2007/tcp open|filtered dectalk no-response
2008/tcp open|filtered conf no-response
2009/tcp open|filtered news no-response
2010/tcp open|filtered search no-response
2013/tcp open|filtered raid-am no-response
2020/tcp open|filtered xinupageserver no-response
2021/tcp open|filtered servexec no-response
2022/tcp open|filtered down no-response
2030/tcp open|filtered device2 no-response
2033/tcp open|filtered glogger no-response
2034/tcp open|filtered scoremgr no-response
2035/tcp open|filtered imsldoc no-response
2038/tcp open|filtered objectmanager no-response
2040/tcp open|filtered lam no-response
2041/tcp open|filtered interbase no-response
2042/tcp open|filtered isis no-response
2043/tcp open|filtered isis-bcast no-response
2045/tcp open|filtered cdfunc no-response
2046/tcp open|filtered sdfunc no-response
2047/tcp open|filtered dls no-response
2048/tcp open|filtered dls-monitor no-response
2049/tcp open|filtered nfs no-response
2065/tcp open|filtered dlsrpn no-response
2068/tcp open|filtered avocentkvm no-response
2099/tcp open|filtered h2250-annex-g no-response
2100/tcp open|filtered amiganetfs no-response
2103/tcp open|filtered zephyr-clt no-response
2105/tcp open|filtered eklogin no-response
2106/tcp open|filtered ekshell no-response
2107/tcp open|filtered msmq-mgmt no-response
2111/tcp open|filtered kx no-response
2119/tcp open|filtered gsigatekeeper no-response
2121/tcp open|filtered ccproxy-ftp no-response
2126/tcp open|filtered pktcable-cops no-response
2135/tcp open|filtered gris no-response
2144/tcp open|filtered lv-ffx no-response
2160/tcp open|filtered apc-2160 no-response
2161/tcp open|filtered apc-agent no-response
2170/tcp open|filtered eyetv no-response
2179/tcp open|filtered vmrdp no-response
2190/tcp open|filtered tivoconnect no-response
2191/tcp open|filtered tvbus no-response
2196/tcp open|filtered unknown no-response
2200/tcp open|filtered ici no-response
2222/tcp open|filtered EtherNetIP-1 no-response
2251/tcp open|filtered dif-port no-response
2260/tcp open|filtered apc-2260 no-response
2288/tcp open|filtered netml no-response
2301/tcp open|filtered compaqdiag no-response
2323/tcp open|filtered 3d-nfsd no-response
2366/tcp open|filtered qip-login no-response
2381/tcp open|filtered compaq-https no-response
2382/tcp open|filtered ms-olap3 no-response
2383/tcp open|filtered ms-olap4 no-response
2393/tcp open|filtered ms-olap1 no-response
2394/tcp open|filtered ms-olap2 no-response
2399/tcp open|filtered fmpro-fdal no-response
2401/tcp open|filtered cvspserver no-response
2492/tcp open|filtered groove no-response
2500/tcp open|filtered rtsserv no-response
2522/tcp open|filtered windb no-response
2525/tcp open|filtered ms-v-worlds no-response
2557/tcp open|filtered nicetec-mgmt no-response
2601/tcp open|filtered zebra no-response
2602/tcp open|filtered ripd no-response
2604/tcp open|filtered ospfd no-response
2605/tcp open|filtered bgpd no-response
2607/tcp open|filtered connection no-response
2608/tcp open|filtered wag-service no-response
2638/tcp open|filtered sybase no-response
2701/tcp open|filtered sms-rcinfo no-response
2702/tcp open|filtered sms-xfer no-response
2710/tcp open|filtered sso-service no-response
2717/tcp open|filtered pn-requester no-response
2718/tcp open|filtered pn-requester2 no-response
2725/tcp open|filtered msolap-ptp2 no-response
2800/tcp open|filtered acc-raid no-response
2809/tcp open|filtered corbaloc no-response
2811/tcp open|filtered gsiftp no-response
2869/tcp open|filtered icslap no-response
2875/tcp open|filtered dxmessagebase2 no-response
2909/tcp open|filtered funk-dialout no-response
2910/tcp open|filtered tdaccess no-response
2920/tcp open|filtered roboeda no-response
2967/tcp open|filtered symantec-av no-response
2968/tcp open|filtered enpp no-response
2998/tcp open|filtered iss-realsec no-response
3000/tcp open|filtered ppp no-response
Vous utilisez le -sN
TCP Option de numérisation null. Cette analyse envoie A TCP sans paramétrage de drapeaux; il s'agit d'un paquet non valide. Selon le RFC, un système devrait Répondez-y avec une première si le port est fermé ou laissez-le tomber si le port est ouvert. Cependant, seuls certains systèmes (principalement dérivés unix-dérivés) réellement cela. D'autres répondent de la même manière à chaque paquet non valide: soit le laissant tomber ou Envoi d'une TVD.
Il semble que votre système tombe tous les paquets non valides, comme en témoigne le no-response
Dans la colonne de la raison. Cette méthode de numérisation ne fonctionnera donc pas pour cette cible. En fait, l'utilisation d'un pare-feu moderne (post-NMAP) rend probablement impossible d'utiliser l'un des TCP méthodes de numérisation en plus de -sS
et -sT
.