Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

nmap v 3.20 false positives

From: "Brian G. Kirsch" <bkirsch () olosec com>
Date: Tue, 20 May 2003 13:18:36 -0700 (PDT)
I ran the following test (nmap v. 3.20 on RH 7.3):

nmap -T Normal -P0 -p1-15000 ip.addr.to.scan

and got the following output:

Interesting ports on host.domain.com (ip.addr.to.scan):
(The 14992 ports scanned but not shown below are in state: filtered)
Port       State       Service
22/tcp     open        ssh
80/tcp     open        http
902/tcp    open        unknown
4002/tcp   open        unknown
6931/tcp   open        unknown
7881/tcp   open        unknown
9163/tcp   open        unknown
14129/tcp  open        unknown

# Nmap run completed -- 1 IP address (1 host up) scanned in 17133.450 seconds

(NOTE THE LONG TIME TO COMPLETE)

The trouble is, that only two of these ports are actually open:

nmap -P0 
-p20-25,75-85,900-905,4000-4005,6930-6935,7880-7885,9160-9165,14125-14130  
ip.addr.to.scan

Starting nmap 3.20 ( www.insecure.org/nmap/ ) at 2003-05-20 13:11 PDT
Interesting ports on host.domain.com (ip.addr.to.scan):
(The 51 ports scanned but not shown below are in state: filtered)
Port       State       Service
22/tcp     open        ssh
80/tcp     open        http

Nmap run completed -- 1 IP address (1 host up) scanned in 3.263 seconds

In advance of any replies, I will be upgrading to nmap v. 3.27-1...

Thanks,
Brian

-- 
Brian Kirsch



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Previous By Date Next
Previous By Thread Next

Current thread: