Nmap Development mailing list archives
RE: nmap not working properly...showing ports as filtered, but ncat banner grab works
From: "Joseph McCray" <joe () strategicsec com>
Date: Mon, 16 Jan 2012 17:55:17 -0500
OK - tracked the problem down. My hosting company is using Virtuoso and gave me a Ubuntu 10.10 OS template, when I did a release upgrade to 11.10 - the virtual machine actually lost it's IP address: root@shrek:/toolz/nmap-source# ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:17 errors:0 dropped:0 overruns:0 frame:0 TX packets:17 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:828 (828.0 B) TX bytes:828 (828.0 B) venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 RX packets:199139 errors:0 dropped:0 overruns:0 frame:0 TX packets:190106 errors:0 dropped:18 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:196114461 (196.1 MB) TX bytes:17810823 (17.8 MB) Evidently - with the way my hosting company is using Virtuoso you need to utilize these templates for the virtual machines. They just gave me a new VM, and I need to run it specifying the correct interface like this: nmap -sV 69.163.181.91 -e venet0:0 Joe McCray Toll Free: 1-866-892-2132 Email: joe () strategicsec com LinkedIn: http://www.linkedin.com/in/joemccray Twitter: http://twitter.com/j0emccray Slideshare: http://www.slideshare.net/joemccray GPG Key: http://strategicsec.com/JoeStrategicSec_Public.key Website: http://strategicsec.com When NASA began the launch of astronauts into space, they found out that the pens wouldn't work at zero gravity (ink won't flow down to the writing surface). To solve this problem, it took them one decade and $12 million. They developed a pen that worked at zero gravity, upside down, underwater, in practically any surface including crystal and in a temperature range from below freezing to over 300 degrees C. And what did the Russians do...?? They used a pencil. -----Original Message----- From: David Fifield [mailto:david () bamsoftware com] Sent: Monday, January 16, 2012 2:19 PM To: Joseph McCray Cc: nmap-dev () insecure org Subject: Re: nmap not working properly...showing ports as filtered, but ncat banner grab works On Mon, Jan 16, 2012 at 03:59:54AM -0500, Joseph McCray wrote:
Building a box right now. Any IP that I scan comes back as ports being filtered, but ncat allows me to bannergrab the host. Never seen that before. It does this for any port on any IP - ncat bannergrab works, but not a portscan. Any ideas? root@shrek:~# ncat 69.163.181.91 22 <-- This works fine SSH-2.0-OpenSSH_5.1p1 Debian-5 root@shrek:~# nmap -PN -sV -p 22 69.163.181.91 <-- This
doesn't
work - always shows filtered PORT STATE SERVICE 22/tcp filtered ssh
Try the --packet-trace option to see what is being sent and received. Is it only this target that has the problem, or all targets from your particular scanning machine? If it is only this one target, try to get a packet capture ("tcpdump -w dump.pcap host 69.163.181.91"). David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Robin Wood (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Hani Benhabiles (Jan 16)
- RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works David Fifield (Jan 16)
- RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works 'David Fifield' (Jan 20)
- RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)