Nmap Development mailing list archives
Re: weird nmap problems
From: Jon Passki <jon.passki () hursk com>
Date: Wed, 12 Jul 2006 09:13:24 -0500
On Jul 11, 2006, at 10:40 PM, Joshua Perrymon wrote:
[root@agentdev root]# nmap www. <http://www.xxx.com> xxx.com -p 80 Starting Nmap 3.95 ( <http://www.insecure.org/nmap/> http://www.insecure.org/nmap/ ) at 2006-07-12 12:53 EST Interesting ports on <ftp://ftp.xxxx.com> ftp.xxxx.com (xx.xx.xx.xx): PORT STATE SERVICE 80/tcp filtered http Nmap finished: 1 IP address (1 host up) scanned in 0.368 seconds [root@agentdev root]# nmap <http://www.xxxxx.com> www.xxxxx.com -p 80 -P0 Starting Nmap 3.95 ( <http://www.insecure.org/nmap/> http://www.insecure.org/nmap/ ) at 2006-07-12 12:53 EST Interesting ports on <ftp://ftp.xxxxxx.com> ftp.xxxxxx.com (xx.xx. 254.253): PORT STATE SERVICE 80/tcp open http It seems that the scan returns filtered with this command [root@agentdev root]# nmap <http://www.xxx.com/> www.xxx.com - p 80 But If I add the -P0 switch it comes back with an open port????? Is this something on my network or nmap?
By default, nmap will try to discover if the host is active before scanning, which (by default) uses the ICMP echo request / reply method. If the host is not discovered, nmap will consider the host not up (and all ports on it filtered). When you specified -P0, you requested nmap to skip the host discovery phase and perform the TCP connect scan (default scan type) on the port specified. Clear as mud, eh? ;-) So, the results you had in all cases are expected and nmap is performing correctly.
Thanks!
NP! Jon _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- weird nmap problems Joshua Perrymon (Jul 11)
- Re: weird nmap problems Jon Passki (Jul 12)
- Re: weird nmap problems Diman Todorov (Jul 12)
- Re: weird nmap problems Jon Passki (Jul 12)
- Re: weird nmap problems Diman Todorov (Jul 12)
- Re: weird nmap problems Jon Passki (Jul 12)