마이닝: 연결 시간이 초과되어 서버에 연결할 수 없습니다. 그런데 핑이 작동하나요?

마이닝: 연결 시간이 초과되어 서버에 연결할 수 없습니다. 그런데 핑이 작동하나요?

내 서버 IP 또는 이름 서버에 대해 dig 명령을 실행하려고 하면 다음 오류가 발생합니다.

root@kali2:/etc# dig q-type=soa  @192.168.100.10

; <<>> DiG 9.11.4-P2-3-Debian <<>> q-type=soa @192.168.100.10
;; global options: +cmd
;; connection timed out; no servers could be reached

그런데 IP 주소 192.168.100.10으로 ping을 하면 작동하나요?

root@kali2:/etc# ping 192.168.100.10
PING 192.168.100.10 (192.168.100.10) 56(84) bytes of data.
64 bytes from 192.168.100.10: icmp_seq=1 ttl=128 time=0.303 ms
64 bytes from 192.168.100.10: icmp_seq=2 ttl=128 time=0.435 ms
64 bytes from 192.168.100.10: icmp_seq=3 ttl=128 time=0.473 ms
64 bytes from 192.168.100.10: icmp_seq=4 ttl=128 time=0.311 ms
64 bytes from 192.168.100.10: icmp_seq=5 ttl=128 time=0.450 ms
64 bytes from 192.168.100.10: icmp_seq=6 ttl=128 time=0.432 ms
64 bytes from 192.168.100.10: icmp_seq=7 ttl=128 time=0.257 ms

두 명령을 모두 실행했는데 netstat -tanpl|grep named 결과는 다음과 같습니다.

안전:

root@kali2:/etc# sudo tcpdump -n -i eth0 |grep 192.168.100.10
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:47:58.008033 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 1, length 64
10:47:58.008323 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 1, length 64
10:47:58.419381 IP 192.168.100.10.53 > 192.168.100.102.37288: 36971 ServFail 0/0/0 (39)
10:47:58.419414 IP 192.168.100.102 > 192.168.100.10: ICMP 192.168.100.102 udp port 37288 unreachable, length 75
10:47:58.420101 IP 192.168.100.10.53 > 192.168.100.102.37288: 48757 ServFail 0/0/0 (39)
10:47:58.420133 IP 192.168.100.102 > 192.168.100.10: ICMP 192.168.100.102 udp port 37288 unreachable, length 75
10:47:59.009746 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 2, length 64
10:47:59.010153 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 2, length 64
10:48:00.039627 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 3, length 64
10:48:00.040062 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 3, length 64
10:48:01.062910 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 4, length 64
10:48:01.063195 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 4, length 64
10:48:02.087714 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 5, length 64
10:48:02.088131 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 5, length 64
10:48:03.111551 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 6, length 64
10:48:03.111941 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 6, length 64
10:48:04.135101 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 7, length 64
10:48:04.135325 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 7, length 64
10:48:05.158967 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 8, length 64
10:48:05.159235 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 8, length 64
10:48:06.182922 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 9, length 64
10:48:06.183181 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 9, length 64
10:48:07.206900 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 10, length 64
10:48:08.231695 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 11, length 64
10:48:09.159054 ARP, Request who-has 192.168.100.10 tell 192.168.100.102, length 28
10:48:09.159264 ARP, Reply 192.168.100.10 is-at 08:00:27:41:51:2e, length 46
10:48:09.255021 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 12, length 64
10:48:09.256075 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 12, length 64

파기:

root@kali2:/etc# sudo tcpdump -n -i eth0 |grep 192.168.100.10
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:48:57.650201 IP 192.168.100.102.40815 > 192.168.1.10.53: 35773+ [1au] NS? . (40)
10:48:57.650538 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:49:02.650286 IP 192.168.100.102.40815 > 192.168.1.10.53: 35773+ [1au] NS? . (40)
10:49:02.650614 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:49:02.662878 ARP, Request who-has 192.168.100.1 tell 192.168.100.102, length 28
10:49:07.650494 IP 192.168.100.102.40815 > 192.168.1.10.53: 35773+ [1au] NS? . (40)
10:49:07.650826 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:52:40.446986 IP 192.168.100.102.36033 > 192.168.1.10.53: 18363+ [1au] A? q-type=soa. (51)
10:52:40.448936 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:52:45.447611 IP 192.168.100.102.36033 > 192.168.1.10.53: 18363+ [1au] A? q-type=soa. (51)
10:52:45.448205 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:52:45.639510 ARP, Request who-has 192.168.100.1 tell 192.168.100.102, length 28
10:52:50.448151 IP 192.168.100.102.36033 > 192.168.1.10.53: 18363+ [1au] A? q-type=soa. (51)
10:52:50.448515 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:53:08.889789 IP 192.168.100.102.47890 > 192.168.1.10.53: 32015 [1au] NS? . (40)
10:53:08.890154 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:53:13.886029 IP 192.168.100.102.47890 > 192.168.1.10.53: 32015 [1au] NS? . (40)
10:53:13.886384 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:53:18.886799 IP 192.168.100.102.47890 > 192.168.1.10.53: 32015 [1au] NS? . (40)
10:53:18.887102 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:54:13.585198 IP 192.168.100.102.35477 > 192.168.1.10.53: 8463+ [1au] A? q-type=soa. (51)
10:54:13.585540 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:54:18.585562 IP 192.168.100.102.35477 > 192.168.1.10.53: 8463+ [1au] A? q-type=soa. (51)
10:54:18.585889 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
10:54:18.822835 ARP, Request who-has 192.168.100.1 tell 192.168.100.102, length 28
10:54:23.585993 IP 192.168.100.102.35477 > 192.168.1.10.53: 8463+ [1au] A? q-type=soa. (51)
10:54:23.586447 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
^C73 packets captured
73 packets received by filter
0 packets dropped by kernel

어떤 아이디어가 있나요?

답변1

패킷 추적을 통해 잘못된 호스트를 쿼리하고 있음을 알 수 있습니다.

  1. ping 192.168.100.10

    이는 호스트 192.168.100.10을 참조하므로 정확합니다.

    10:47:58.008033 IP 192.168.100.102 > 192.168.100.10: ICMP echo request, id 30744, seq 1, length 64
    10:47:58.008323 IP 192.168.100.10 > 192.168.100.102: ICMP echo reply, id 30744, seq 1, length 64
    
  2. dig type=soa @192.168.100.10

    여기의 패킷 추적은 사용자가 실제로 192.168.1.10을 쿼리하고 있음을 보여줍니다. 이는 dig사용자가 제공한 명령(아마도 입력하려고 했던 명령)이 명령줄에서 실제로 발생하는 명령과 일치하지 않음을 의미합니다.

    10:49:07.650494 IP 192.168.100.102.40815 > 192.168.1.10.53: 35773+ [1au] NS? . (40)
    10:49:07.650826 IP 192.168.100.1 > 192.168.100.102: ICMP host 192.168.1.10 unreachable, length 36
    

관련 정보