Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

--spy all模式忽略掉docker网段 #156

Open
djerryz opened this issue Nov 26, 2023 · 2 comments
Open

--spy all模式忽略掉docker网段 #156

djerryz opened this issue Nov 26, 2023 · 2 comments

Comments

@djerryz
Copy link

djerryz commented Nov 26, 2023

主机上存在docker时,默认有以下网络:
76: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:3e:dc:33:37 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever

有如下路由:
ip route
default via 192.168.1.1 dev ens33 proto dhcp src 192.168.1.9 metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.9 metric 100
192.168.1.1 dev ens33 proto dhcp scope link src 192.168.1.9 metric 100

使用--spy all扫描会有大量对本地容器的发包探测行为,而且会认为目标存活,这种ping探测都是不准确的脏数据,是否能提供一个参数进行规避,谢谢
@djerryz
Copy link
Author

djerryz commented Nov 26, 2023

嗨,我看到fscan项目提供了一个参数:
-hn string
扫描时,要跳过的ip: -hn 192.168.1.1/24
我觉得kscan可以加上,规避不需要扫描的网段

@lcvvvv
Copy link
Owner

lcvvvv commented Nov 27, 2023

好提议,但项目在重构中,暂时可能不会做功能开发

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@djerryz @lcvvvv