Re: 10.1.1.1 up?

[<jaye_gettes () hushmail com>]

I thought -P0 was "do not ping first" in case programs like portsentry
block you if you ping a host first?  Also, is it not the case that a
host that is not pingable (because a fw blocks ping) could allow a tcp
or udp port in?

thanks


On Wed, 28 May 2003 13:58:13 -0700 Chad Loder <cloder () loder us> wrote:
> The -P0 option assumes the box is up, which is why nmap
> is telling you it's up.
>
>       c
>
> On Wed, May 28, 2003 at 01:49:06PM -0700, jaye_gettes () hushmail com
> wrote:
> > I'm truly confused.  this is an nmap from an externally facing
> RH Linux
> > box:
> >
> > [root@katze jaye]# nmap -sS -O -P0 10.1.1.1
> >
> > Starting nmap 3.27 ( www.insecure.org/nmap/ ) at 2003-05-27 23:47
> EDT
> > Warning:  OS detection will be MUCH less reliable because we did
> not
> > find at least 1 open and 1 closed TCP port
> > All 1623 scanned ports on 10.1.1.1 are: filtered
> > Too many fingerprints match this host for me to give an accurate
> OS guess
> > Nmap run completed -- 1 IP address (1 host up) scanned in 1585.425
> seconds
> > Yet, without the "no ping", I get the expected answer:
> >
> > [root@katze jaye]# nmap -sS -O 10.1.1.1
> >
> > Starting nmap 3.27 ( www.insecure.org/nmap/ ) at 2003-05-28 00:36
> EDT
> > Note: Host seems down. If it is really up, but blocking our ping
> probes,
> >  try -P0
> > Nmap run completed -- 1 IP address (0 hosts up) scanned in 12.319
> seconds
> > Since 10.0.0.0/8 is not in BGP and is non-externally-routable
> address
> > space, what is cauing NMAP to tell me a box is up?  
> >
> > thanks in advance
> >
> >
> > --------------------------------------------------------------
> -------
> > For help using this (nmap-dev) mailing list, send a blank email
> to 
> > nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).