Nmap Development mailing list archives
nmap mac osx 10.6.1 Network scans only return results for local host
From: David Radunsky <DRadunsky () intldata com>
Date: Mon, 9 Nov 2009 20:30:49 -0500
Good Day, Thanks in advance for your assistance. nmap is an invaluable tool! After upgrading to Snow Leopard all scans return only information about my machine. Session information follows. Wireshark seems to be working, but I don't have a lot of traffic on my small net to test. The nmap scan leaves off the firewall at 242.1, and a printer at 242.4. I have tried reinstalling using the mpkg for V5. I have been searching the net and the insecure archives and haven't found anything helpful. Any help would be appreciated. rendel:~ dlr$ sudo nmap -T4 -A -v -PE -PA21,23,80,3389 192.168.242.0/24 Starting Nmap 5.00 ( http://nmap.org ) at 2009-11-09 20:18 EST NSE: Loaded 30 scripts for scanning. Initiating ARP Ping Scan at 20:18 Scanning 220 hosts [1 port/host] Completed ARP Ping Scan at 20:18, 4.46s elapsed (220 total hosts) Initiating Parallel DNS resolution of 1 host. at 20:18 Completed Parallel DNS resolution of 1 host. at 20:18, 0.02s elapsed Initiating ARP Ping Scan at 20:18 Scanning 35 hosts [1 port/host] Completed ARP Ping Scan at 20:18, 0.82s elapsed (35 total hosts) Initiating SYN Stealth Scan at 20:18 Scanning 192.168.242.220 [1000 ports] Discovered open port 5900/tcp on 192.168.242.220 Discovered open port 445/tcp on 192.168.242.220 Discovered open port 139/tcp on 192.168.242.220 Discovered open port 88/tcp on 192.168.242.220 Discovered open port 3300/tcp on 192.168.242.220 Discovered open port 548/tcp on 192.168.242.220 Discovered open port 6000/tcp on 192.168.242.220 Completed SYN Stealth Scan at 20:18, 7.97s elapsed (1000 total ports) Initiating Service scan at 20:18 Scanning 7 services on 192.168.242.220 Completed Service scan at 20:20, 106.03s elapsed (7 services on 1 host) Initiating OS detection (try #1) against 192.168.242.220 NSE: Script scanning 192.168.242.220. NSE: Starting runlevel 1 scan Initiating NSE at 20:20 Completed NSE at 20:20, 0.04s elapsed NSE: Starting runlevel 2 scan Initiating NSE at 20:20 Completed NSE at 20:20, 0.02s elapsed NSE: Script Scanning completed. Host 192.168.242.220 is up (0.00011s latency). Interesting ports on 192.168.242.220: Not shown: 956 closed ports, 37 filtered ports PORT STATE SERVICE VERSION 88/tcp open kerberos-sec Mac OS X kerberos-sec 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP) 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP) 548/tcp open afp? 3300/tcp open unknown 5900/tcp open vnc Apple remote desktop vnc 6000/tcp open X11 (access denied) 1 service unrecognized despite returning data. If you know the service/ version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : SF-Port548-TCP:V=5.00%I=7%D=11/9%Time=4AF8BF6B%P=i386-apple- darwin9.7.0%r( SF:SSLSessionReq,17B,"\x01\x03\0\0Q\xec\xff\xff\0\0\x01k\0\0\0\0\0\x1a \0\( SF:\0E\0\0\x8f\xfb\x07grendel\0z\0\x8a\0\xf0\x01b \rMacBookPro3,1\x04\x06AF SF:P3\.3\x06AFP3\.2\x06AFP3\. 1\x06AFPX03\x05\tDHCAST128\x04DHX2\x06Recon1\ SF:rClient\x20Krb\x20v2\x0fNo\x20User\x20Authent \0\0\0\0\0\0\x10\0\x80\0\0 SF:\x1bc\x9fF\xb9\x07\x08\x02\xc0\xa8\xf2\xdc\x02\$\x08\x02\n \xd37\x02\x02 SF:\$\x08\x02\n%\x81\x02\x02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1bc\xff \xf SF:e\x9fF\xb9\x02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1cB\xff\xfe \0\0\x08\x SF:02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1cB\xff\xfe\0\0\t\x02\$ \x11\x0419 SF:2\.168\.242\.220\x01oafpserver/LKDC:SHA1\. 2C5EA9D1B40B10FC06EA6B02DFD40 SF:DEDEA608E0F@LKDC:SHA1\.2C5EA9D1B40B10FC06EA6B02DFD40DEDEA608E0F \0\0\x07 SF:grendel")%r(SSLv23SessionReq,17B,"\x01\x03\0\x80Q\xec\xff\xff \0\0\x01k\ SF:0\0\0\0\0\x1a\0\(\0E\0\0\x8f\xfb\x07grendel\0z\0\x8a\0\xf0\x01b \rMacBoo SF:kPro3,1\x04\x06AFP3\.3\x06AFP3\.2\x06AFP3\. 1\x06AFPX03\x05\tDHCAST128\x SF:04DHX2\x06Recon1\rClient\x20Krb\x20v2\x0fNo\x20User\x20Authent \0\0\0\0\ SF:0\0\x10\0\x80\0\0\x1bc\x9fF\xb9\x07\x08\x02\xc0\xa8\xf2\xdc\x02\$ \x08\x SF:02\n\xd37\x02\x02\$\x08\x02\n%\x81\x02\x02\$\x14\x07\xfe \x80\0\0\0\0\0\ SF:0\x02\x1bc\xff\xfe\x9fF\xb9\x02\$\x14\x07\xfe \x80\0\0\0\0\0\0\x02\x1cB\ SF:xff\xfe\0\0\x08\x02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1cB\xff\xfe \0\0\ SF:t\x02\$\x11\x04192\.168\.242\.220\x01oafpserver/LKDC:SHA1\. 2C5EA9D1B40B SF:10FC06EA6B02DFD40DEDEA608E0F@LKDC:SHA1\. 2C5EA9D1B40B10FC06EA6B02DFD40DE SF:DEA608E0F\0\0\x07grendel")%r(WMSRequest,17B,"\x01\x03\0NQ\xec\xff \xff\0 SF:\0\x01k\0\0\0\0\0\x1a\0\(\0E\0\0\x8f\xfb\x07grendel\0z\0\x8a \0\xf0\x01b SF:\rMacBookPro3,1\x04\x06AFP3\.3\x06AFP3\.2\x06AFP3\. 1\x06AFPX03\x05\tDHC SF:AST128\x04DHX2\x06Recon1\rClient\x20Krb\x20v2\x0fNo\x20User \x20Authent\ SF:0\0\0\0\0\0\x10\0\x80\0\0\x1bc\x9fF\xb9\x07\x08\x02\xc0\xa8\xf2\xdc \x02 SF:\$\x08\x02\n\xd37\x02\x02\$\x08\x02\n%\x81\x02\x02\$\x14\x07\xfe \x80\0\ SF:0\0\0\0\0\x02\x1bc\xff\xfe\x9fF\xb9\x02\$\x14\x07\xfe \x80\0\0\0\0\0\0\x SF:02\x1cB\xff\xfe\0\0\x08\x02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1cB \xff\ SF:xfe\0\0\t\x02\$\x11\x04192\.168\.242\.220\x01oafpserver/LKDC:SHA1\. 2C5E SF:A9D1B40B10FC06EA6B02DFD40DEDEA608E0F@LKDC:SHA1\. 2C5EA9D1B40B10FC06EA6B0 SF:2DFD40DEDEA608E0F\0\0\x07grendel"); Device type: general purpose Running: Apple Mac OS X 10.5.X OS details: Apple Mac OS X 10.5 - 10.5.6 (Leopard) (Darwin 9.0.0 - 9.6.0) Uptime guess: 58.464 days (since Sat Sep 12 10:12:03 2009) Network Distance: 0 hops TCP Sequence Prediction: Difficulty=252 (Good luck!) IP ID Sequence Generation: Randomized Service Info: OSs: Mac OS X, Unix Host script results: | nbstat: NetBIOS name: GRENDEL, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> | Name: GRENDEL<03> Flags: <unique><active> | Name: GRENDEL<20> Flags: <unique><active> | Name: GRENDEL<00> Flags: <unique><active> | Name: \x01\x02__MSBROWSE__\x02<01> Flags: <group><active> | Name: WORKGROUP<1d> Flags: <unique><active> | Name: WORKGROUP<1e> Flags: <group><active> |_ Name: WORKGROUP<00> Flags: <group><active> | smb-os-discovery: Unix | LAN Manager: Samba 3.0.28a-apple | Name: WORKGROUP\Unknown |_ System time: 2009-11-09 20:20:17 UTC-5 Read data files from: /usr/local/share/nmap OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 256 IP addresses (1 host up) scanned in 121.62 seconds Raw packets sent: 2121 (93.162KB) | Rcvd: 2600 (111.452KB) -- David Radunsky Advanced System Consultant International Data Consultants 13302 SW 128 St Miami, FL 33186 c 786 261-9593 o 305 253-7677 f 305 253-7657
Attachment:
ATT00001.txt
Description: ATT00001.txt
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap mac osx 10.6.1 Network scans only return results for local host David Radunsky (Nov 09)
- Re: nmap mac osx 10.6.1 Network scans only return results for local host Tom Sellers (Nov 09)
- Fwd: nmap mac osx 10.6.1 Network scans only return results for local host David Radunsky (Nov 09)
- Re: Fwd: nmap mac osx 10.6.1 Network scans only return results for local host David Fifield (Nov 09)