Penetration Testing mailing list archives
Re: Open ports
From: Todd Haverkos <infosec () haverkos com>
Date: Fri, 15 Aug 2008 17:34:50 -0500
skynetonsecurity () gmail com writes:
Hi Guys, I am doing pen-testing for pool of IP's, During pen-test I observed that some IP's are giving all ports open i.e. 65535 in NMAP result & Nessus is giving empty result. What could be the reason for this?
More than likely, a firewall between you and the targets. What options are you handing to nmap? Fyodor's (nmap's lead author) very useful nmap presentation is at http://insecure.org/presentations/BHDC08/ and svn links to the latest version of it are in the presentation. The --reason flag is rather useful in solving some of these mysteries. You also might be interested in the difference in how various discovery methods vary against stateful firwealls and non-stateful packet filtering firewalls (slides 8 and 9). Best Regards, -- Todd Haverkos, LPT MsCompE http://haverkos.com/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Open ports skynetonsecurity (Aug 15)
- Re: Open ports Justin Rogosky (Aug 15)
- Re: Open ports R. DuFresne (Aug 15)
- Re:Re: Open ports Roy Firestein (Aug 15)
- Re: Open ports Joel Jose (Aug 15)
- Re: Open ports Michael Kitange (Aug 15)
- Re: Open ports Roy Firestein (Aug 15)
- Re: Open ports Luke Sheldrick (Aug 15)
- Re: Open ports Todd Haverkos (Aug 15)
- Re: Open ports Whitehat (Aug 16)
- <Possible follow-ups>
- RE: Open ports Shenk, Jerry A (Aug 15)