中国の国内から日本のサーバーに対してポートスキャンをかけてみました。
中国の環境:MacbookAir Catalina10.15.7
日本のサーバ:さくらのVPS
1.MACにポートスキャンツールをインストール
brewコマンドでnmapをインストールします。
$ brew install nmap
==> Downloading https://nmap.org/dist/nmap-7.70.tar.bz2
############################################################################################ 100.0%
==> ./configure --prefix=/usr/local/Cellar/nmap/7.70 --with-libpcre=included --with-liblua=included
==> make
==> make install
Error: An unexpected error occurred during the `brew link` step
The formula built, but is not symlinked into /usr/local
Permission denied @ dir_s_mkdir - /usr/local/lib
Error: Permission denied @ dir_s_mkdir - /usr/local/lib
$
エラーが出ているのでフォルダを作成します。
$ sudo mkdir /usr/local/lib
$
$
$ ls -la
total 0
drwxr-xr-x 12 root wheel 384 Jan 24 19:41 .
drwxr-xr-x@ 11 root wheel 352 Aug 26 20:20 ..
-rw-r--r-- 1 root wheel 0 Feb 8 2020 .com.apple.installer.keep
drwxrwxr-x 6 user admin 192 Jan 24 18:32 Cellar
drwxrwxr-x 17 user admin 544 Oct 21 2018 Homebrew
drwxrwxr-x 12 user admin 384 Jan 24 18:45 bin
drwxrwxr-x 7 user admin 224 Oct 21 2018 etc
drwxr-xr-x 2 root wheel 64 Jan 24 19:41 lib
drwxrwxr-x 8 user admin 256 Jan 24 18:45 opt
drwxrwxr-x 3 user admin 96 Oct 21 2018 sbin
drwxrwxr-x 5 user admin 160 Jan 24 18:45 share
drwxrwxr-x 3 user admin 96 Oct 21 2018 var
所有者がrootになっているのでユーザーに変更します。
root# chown user:admin lib
oot# ls -la
total 0
drwxr-xr-x 12 root wheel 384 Jan 24 19:41 .
drwxr-xr-x@ 11 root wheel 352 Aug 26 20:20 ..
-rw-r--r-- 1 root wheel 0 Feb 8 2020 .com.apple.installer.keep
drwxrwxr-x 6 user admin 192 Jan 24 18:32 Cellar
drwxrwxr-x 17 user admin 544 Oct 21 2018 Homebrew
drwxrwxr-x 12 user admin 384 Jan 24 18:45 bin
drwxrwxr-x 7 user admin 224 Oct 21 2018 etc
drwxr-xr-x 2 user admin 64 Jan 24 19:41 lib
drwxrwxr-x 8 user admin 256 Jan 24 18:45 opt
drwxrwxr-x 3 user admin 96 Oct 21 2018 sbin
drwxrwxr-x 5 user admin 160 Jan 24 18:45 share
drwxrwxr-x 3 user admin 96 Oct 21 2018 var
もう一度nmapのインストールを実行すると、
なんだかRubyのエラーが出ています。
$ brew install nmap
Updating Homebrew...
/usr/local/Homebrew/Library/Homebrew/brew.rb:17:in `<main>': HOMEBREW_REQUIRED_RUBY_VERSION was not exported! Please call bin/brew directly! (RuntimeError)
brew doctorコマンドで不具合箇所を確認してみます。
$ brew doctor
==> Downloading https://homebrew.bintray.com/bottles-portable-ruby/portable-ruby-2.6.3_2.yosemite.bottle.tar.gz
########################### 29.8%
curl: (56) LibreSSL SSL_read: SSL_ERROR_SYSCALL, errno 54
Error: Checksum mismatch.
Expected: b065e5e3783954f3e65d8d3a6377ca51649bfcfa21b356b0dd70490f74c6bd86
Actual: 27e4ed5659dc705a7dcb86c7ab20f3dc61379a15ba0297e2656fdb51cfb9b986
Archive: /Users/Library/Caches/Homebrew/portable-ruby-2.6.3_2.yosemite.bottle.tar.gz
To retry an incomplete download, remove the file above.
Error: Failed to upgrade Homebrew Portable Ruby!
どうやらRubyのアップデートに失敗したようです。
homebrewってruby使ってるんですね、知らなかったです。
チェックサムのミスマッチと言っているので、ファイルを削除してから
もう一度brew doctorを実行してみます。
$ brew doctor
==> Downloading https://homebrew.bintray.com/bottles-portable-ruby/portable-ruby-2.6.3_2.yosemite.bottle.tar.gz
#################################################################################################################################### 100.0%
==> Pouring portable-ruby-2.6.3_2.yosemite.bottle.tar.gz
Please note that these warnings are just used to help the Homebrew maintainers
with debugging if you file an issue. If everything you use Homebrew for is
working fine: please don't worry or file an issue; just ignore this. Thanks!
Warning: The following directories do not exist:
/usr/local/Frameworks
/usr/local/include
You should create these directories and change their ownership to your account.
sudo mkdir -p /usr/local/Frameworks /usr/local/include
sudo chown -R $(whoami) /usr/local/Frameworks /usr/local/include
Warning: You have unlinked kegs in your Cellar.
Leaving kegs unlinked can lead to build-trouble and cause brews that depend on
those kegs to fail to run properly once built. Run `brew link` on these:
nmap
Warning: Broken symlinks were found. Remove them with `brew cleanup`:
/usr/local/share/man/man1/brew-cask.1
$
1つ目のwarningから対応していきます。
$ sudo mkdir -p /usr/local/Frameworks /usr/local/include
Password:
$ sudo chown -R $(whoami) /usr/local/Frameworks /usr/local/include
$ ll /usr/local/Frameworks
bash: ll: command not found
$
$
$ ls -la /usr/local/Frameworks
total 0
drwxr-xr-x 2 user wheel 64 Jan 25 11:06 .
drwxr-xr-x 14 root wheel 448 Jan 25 11:06 ..
$ ls -la /usr/local/include
total 0
drwxr-xr-x 2 user wheel 64 Jan 25 11:06 .
drwxr-xr-x 14 root wheel 448 Jan 25 11:06 ..
$
2つ目のwarning対応。
[hiroshinoMacBook-ea:/usr/local $ brew link nmap
Linking /usr/local/Cellar/nmap/7.70... 25 symlinks created
3つ目のwarning
$ brew cleanup
Removing: /Users/Library/Caches/Homebrew/openssh-7.7p1.high_sierra.bottle.tar.gz... (1.6MB)
Removing: /Users/Library/Caches/Homebrew/openssl-1.0.2o_2.high_sierra.bottle.tar.gz... (3.7MB)
Removing: /Users/Library/Caches/Homebrew/bash-completion-1.3_3.high_sierra.bottle.tar.gz... (142.2KB)
Removing: /Users/Library/Caches/Homebrew/linkage.db... (24KB)
Removing: /Users/Library/Logs/Homebrew/openssh... (64B)
Removing: /Users/Library/Logs/Homebrew/openssl... (64B)
Removing: /Users/Library/Logs/Homebrew/bash-completion... (64B)
Pruned 1 symbolic links and 2 directories from /usr/local
そして確認。
$ brew doctor
Your system is ready to brew.
インストールされていることを確認。
$ nmap -v
Starting Nmap 7.70 ( https://nmap.org ) at 2021-01-25 11:16 CST
Read data files from: /usr/local/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.07 seconds
2.ポートスキャンを実施
nmapで日本のVPSサーバに対してポートスキャン実施。
$ nmap 133.125.50.166
Starting Nmap 7.70 ( https://nmap.org ) at 2021-01-25 11:18 CST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.05 seconds
なぜかpingが飛ばない。。
切り分けのため、中国国内のサーバにnmapを実施してみる。
$ nslookup baidu.com
Server: 219.149.6.99
Address: 219.149.6.99#53
Non-authoritative answer:
Name: baidu.com
Address: 220.181.38.148
Name: baidu.com
Address: 39.156.69.79
$ nmap 220.181.38.148
Starting Nmap 7.70 ( https://nmap.org ) at 2021-01-25 11:19 CST
Nmap scan report for 220.181.38.148
Host is up (0.021s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 44.74 seconds
問題無くスキャンできました。
ということでポートスキャンの通信はGFWでブロックされている可能性が高そうです。