マイサーバーIPまたはネームサーバーに対してdigコマンドを実行しようとすると、次のエラーが発生します。
root@kali2:/etc# dig q-type=soa @192.168.100.10
; <<>> DiG 9.11.4-P2-3-Debian <<>> q-type=soa @192.168.100.10
;; global options: +cmd
;; connection timed out; no servers could be reached
ところで、IPアドレス192.168.100.10でpingをすると動作しますか?
root@kali2:/etc# ping 192.168.100.10
PING 192.168.100.10 (192.168.100.10) 56(84) bytes of data.
64 bytes from 192.168.100.10: icmp_seq=1 ttl=128 time=0.303 ms
64 bytes from 192.168.100.10: icmp_seq=2 ttl=128 time=0.435 ms
64 bytes from 192.168.100.10: icmp_seq=3 ttl=128 time=0.473 ms
64 bytes from 192.168.100.10: icmp_seq=4 ttl=128 time=0.311 ms
64 bytes from 192.168.100.10: icmp_seq=5 ttl=128 time=0.450 ms
64 bytes from 192.168.100.10: icmp_seq=6 ttl=128 time=0.432 ms
64 bytes from 192.168.100.10: icmp_seq=7 ttl=128 time=0.257 ms
両方のコマンドを実行しましたが、netstat -tanpl|grep named
結果は次のとおりです。
安全:
root@kali2:/etc# sudo tcpdump -n -i eth0 |grep 192.168.100.10
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:47:58.008033 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 1, length 64
10:47:58.008323 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 1, length 64
10:47:58.419381 IP 192.168.100.10.53 > 192.168.100.102.37288: 36971 ServFail 0/0/0 (39)
10:47:58.419414 IP 192.168.100.102 > 192.168.100.10: ICMP 192.168.100.102 udp port 37288 unreachable, length 75
10:47:58.420101 IP 192.168.100.10.53 > 192.168.100.102.37288: 48757 ServFail 0/0/0 (39)
10:47:58.420133 IP 192.168.100.102 > 192.168.100.10: ICMP 192.168.100.102 udp port 37288 unreachable, length 75
10:47:59.009746 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 2, length 64
10:47:59.010153 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 2, length 64
10:48:00.039627 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 3, length 64
10:48:00.040062 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 3, length 64
10:48:01.062910 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 4, length 64
10:48:01.063195 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 4, length 64
10:48:02.087714 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 5, length 64
10:48:02.088131 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 5, length 64
10:48:03.111551 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 6, length 64
10:48:03.111941 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 6, length 64
10:48:04.135101 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 7, length 64
10:48:04.135325 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 7, length 64
10:48:05.158967 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 8, length 64
10:48:05.159235 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 8, length 64
10:48:06.182922 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 9, length 64
10:48:06.183181 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 9, length 64
10:48:07.206900 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 10, length 64
10:48:08.231695 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 11, length 64
10:48:09.159054 ARP, Request who-has 192.168.100.10 tell 192.168.100.102, length 28
10:48:09.159264 ARP, Reply 192.168.100.10 is-at 08:00:27:41:51:2e, length 46
10:48:09.255021 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 12, length 64
10:48:09.256075 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 12, length 64
破棄:
root@kali2:/etc# sudo tcpdump -n -i eth0 |grep 192.168.100.10
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:48:57.650201 IP 192.168.100.102.40815 > 192.168.1.10.53: 35773+ [1au] NS? . (40)
10:48:57.650538 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:49:02.650286 IP 192.168.100.102.40815 > 192.168.1.10.53: 35773+ [1au] NS? . (40)
10:49:02.650614 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:49:02.662878 ARP, Request who-has 192.168.100.1 tell 192.168.100.102, length 28
10:49:07.650494 IP 192.168.100.102.40815 > 192.168.1.10.53: 35773+ [1au] NS? . (40)
10:49:07.650826 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:52:40.446986 IP 192.168.100.102.36033 > 192.168.1.10.53: 18363+ [1au] A? q-type=soa. (51)
10:52:40.448936 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:52:45.447611 IP 192.168.100.102.36033 > 192.168.1.10.53: 18363+ [1au] A? q-type=soa. (51)
10:52:45.448205 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:52:45.639510 ARP, Request who-has 192.168.100.1 tell 192.168.100.102, length 28
10:52:50.448151 IP 192.168.100.102.36033 > 192.168.1.10.53: 18363+ [1au] A? q-type=soa. (51)
10:52:50.448515 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:53:08.889789 IP 192.168.100.102.47890 > 192.168.1.10.53: 32015 [1au] NS? . (40)
10:53:08.890154 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:53:13.886029 IP 192.168.100.102.47890 > 192.168.1.10.53: 32015 [1au] NS? . (40)
10:53:13.886384 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:53:18.886799 IP 192.168.100.102.47890 > 192.168.1.10.53: 32015 [1au] NS? . (40)
10:53:18.887102 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:54:13.585198 IP 192.168.100.102.35477 > 192.168.1.10.53: 8463+ [1au] A? q-type=soa. (51)
10:54:13.585540 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:54:18.585562 IP 192.168.100.102.35477 > 192.168.1.10.53: 8463+ [1au] A? q-type=soa. (51)
10:54:18.585889 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:54:18.822835 ARP, Request who-has 192.168.100.1 tell 192.168.100.102, length 28
10:54:23.585993 IP 192.168.100.102.35477 > 192.168.1.10.53: 8463+ [1au] A? q-type=soa. (51)
10:54:23.586447 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
^C73 packets captured
73 packets received by filter
0 packets dropped by kernel
どんなアイデアがありますか?
答え1
パケット追跡により、間違ったホストを照会していることがわかります。
ping 192.168.100.10
これはホスト192.168.100.10を参照しているため、正確です。
10:47:58.008033 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 1, length 64 10:47:58.008323 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 1, length 64
dig type=soa @192.168.100.10
ここのパケット追跡は、ユーザーが実際に192.168.1.10を照会していることを示しています。これは
dig
、ユーザーが提供したコマンド(おそらく入力しようとしたコマンド)が、コマンドラインで実際に発生したコマンドと一致しないことを意味します。10:49:07.650494 IP 192.168.100.102.40815 > 192.168.1.10.53: 35773+ [1au] NS? . (40) 10:49:07.650826 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36