Finding available network resources inside your container

Sometimes you may have trouble connecting to a networked resource in your container, such as database images connected as service containers. A simple way to discover the available connections within your container is to use nmap. Specifically the command nmap -v -A localhost

 When you run this command it will scan available ports to see which ones are open, and sometimes provide useful information about the service behind it. In the example below nmap has found an instance of MySQL running on port 3306 while also providing some information about the instance. It has also found a service running on port 5432 and correctly guessed that it's an instance of Postgres running. 

It is not installed by default so you'll need to install it first before running it in your config

config.yml

- run: sudo apt install nmap -y

- run: nmap -v -A localhost

 

Output

#!/bin/bash -eo pipefailnmap -v -A localhost
Starting Nmap 6.47 ( http://nmap.org ) at 2017-10-04 18:19 UTCNSE: Loaded 118 scripts for scanning.NSE: Script Pre-scanning.Initiating Ping Scan at 18:19Scanning localhost (127.0.0.1) [2 ports]Stats: 0:00:00 elapsed; 0 hosts completed (0 up), 1 undergoing Ping ScanPing Scan Timing: About 100.00% done; ETC: 18:19 (0:00:00 remaining)Completed Ping Scan at 18:19, 0.00s elapsed (1 total hosts)Initiating Connect Scan at 18:19Scanning localhost (127.0.0.1) [1000 ports]Discovered open port 3306/tcp on 127.0.0.1Discovered open port 5432/tcp on 127.0.0.1Completed Connect Scan at 18:19, 0.02s elapsed (1000 total ports)Initiating Service scan at 18:19Scanning 2 services on localhost (127.0.0.1)Completed Service scan at 18:19, 6.02s elapsed (2 services on 1 host)NSE: Script scanning 127.0.0.1.Initiating NSE at 18:19Completed NSE at 18:19, 0.01s elapsedNmap scan report for localhost (127.0.0.1)Host is up (0.00034s latency).Other addresses for localhost (not scanned): 127.0.0.1Not shown: 998 closed portsPORT     STATE SERVICE     VERSION3306/tcp open  mysql       MySQL 5.7.18| mysql-info: |   Protocol: 53|   Version: .7.18|   Thread ID: 5|   Capabilities flags: 65535|   Some Capabilities: SupportsLoadDataLocal, IgnoreSpaceBeforeParenthesis, Speaks41ProtocolNew, SupportsCompression, Support41Auth, SwitchToSSLAfterHandshake, FoundRows, LongPassword, LongColumnFlag, IgnoreSigpipes, SupportsTransactions, InteractiveClient, DontAllowDatabaseTableColumn, Speaks41ProtocolOld, ODBCClient, ConnectWithDatabase|   Status: Autocommit|_  Salt: W\x1Ff&}Wzg/\x02BrhX\x1E\x1Cm+\x1F!5432/tcp open  postgresql?1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :SF-Port5432-TCP:V=6.47%I=7%D=10/4%Time=59D5261D%P=x86_64-pc-linux-gnu%r(SMSF:BProgNeg,8C,"E\0\0\0\x8bSFATAL\0VFATAL\0C0A000\0Munsupported\x20frontenSF:d\x20protocol\x2065363\.19778:\x20server\x20supports\x201\.0\x20to\x203SF:\.0\0Fpostmaster\.c\0L2031\0RProcessStartupPacket\0\0")%r(Kerberos,8C,"SF:E\0\0\0\x8bSFATAL\0VFATAL\0C0A000\0Munsupported\x20frontend\x20protocolSF:\x2027265\.28208:\x20server\x20supports\x201\.0\x20to\x203\.0\0FpostmasSF:ter\.c\0L2031\0RProcessStartupPacket\0\0");NSE: Script Post-scanning.Read data files from: /usr/bin/../share/nmapService detection performed. Please report any incorrect results at http://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 6.28 seconds
この記事は役に立ちましたか?
4人中1人がこの記事が役に立ったと言っています

コメント

0件のコメント

サインインしてコメントを残してください。