Security Basics mailing list archives
Re: Host responses only in case of range scan
From: nshadov.eq () gmail com
Date: Tue, 13 Sep 2011 00:33:04 +0200
Hi, it's probably because nmap received TCP answer (SYN+ACK / RST) after some period of time, longer than it was waiting for (in what it sees as reliable network and properly responding host). * 10.10.10.1 For one host scan, answer arrived shortly after nmap finished it's scan so it's not included in summary. * 10.10.10.0/27 On the other hand, subnet scan takes longer (more hosts to check, aggregated SYN requests) so answer is received before nmap finished and it appears on results. Try changing "--max-rtt-timeout <time>" (Nmap Reference Guide: http://nmap.org/book/man-performance.html). RTT values are usually determined by nmap during "ping phase", although you specified no ping at all (-PN option) so hard-coded values were used. If turning off ping is not essential for your scan, you could also try not to disable it and verify results. -- nshadov
Hello, if I execute following command: nmap -PN -p443 -T4 -sS --reason 10.10.10.0/27 | grep -A3 10.10.10.1 ..I get following results: [root@ ~]# nmap -PN -p443 -T4 -sS --reason 10.10.10.0/27 | grep -A3 10.10.10.1 Nmap scan report for 10.10.10.1 Host is up, received user-set (0.019s latency). PORT STATE SERVICE REASON 443/tcp open https syn-ack [root@ ~]# Now if I scan only this particular host: nmap -PN -sS -p443 -T4 --reason 10.10.10.1 ..the TCP port 443 seems to be filtered: [root@ ~]# nmap -PN -sS -p443 -T4 --reason 10.10.10.1 Starting Nmap 5.51 ( http://nmap.org ) at 2011-09-11 02:53 EEST Nmap scan report for 10.10.10.1 Host is up, received user-set. PORT STATE SERVICE REASON 443/tcp filtered https no-response Nmap done: 1 IP address (1 host up) scanned in 1.09 seconds [root@ ~]# How to explain this? regarding, martin ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f72 7d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Host responses only in case of range scan Martin T (Sep 12)
- Re: Host responses only in case of range scan nshadov . eq (Sep 12)
- Re: Host responses only in case of range scan TAS (Sep 13)
- Re: Host responses only in case of range scan Matias Katz (Sep 13)