Nmap Development mailing list archives
Re: network and nmap doubt
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 11 Oct 2011 15:43:15 -0500
On 10/11/2011 01:39 PM, Joao Daniel wrote:
NAT works by maintaining a map of locally-originated connections to external ports. If a packet of any type comes in to the NAT device without a pre-existing connection on that port, the device cannot know where to send it.I was figuring out if I can discoverer how many computers are behind a NAT. As far as I know a NAT works like state firewall by blocking some types of TCP packages.I assumed that NAT will (of course?) block SYN packages. So, I tried to ran:nmap -PA IP nmap -sA IP Both gave me just 1 Host Up. This is not true. My questions are: 1) Why it did not work ?
2) Is it possible to do it ? (I want to find out how, dont tell, just say yes or no)
No, unless the NAT device is forwarding one or more ports to internal hosts.
If one or more ports are mapped to internal hosts, the qscan script may be able to differentiate which machines those ports belong to.2a) Will it need scripts?
3) Where I can look out for Nmap's scripts ?
http://nmap.org/nsedoc/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Best of luck, Dan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- network and nmap doubt Joao Daniel (Oct 11)
- Re: network and nmap doubt Daniel Miller (Oct 11)