Nmap Development mailing list archives
A little mysterious nmap-Session
From: rembrandt () jpberlin de
Date: Mon, 8 May 2006 15:20:22 +0200 (CEST)
I got some output I can`t identify... I used nmap 4.03, my OS is OpenBSD 3.9 in 64Bit Mode (amd64) (the Portupdate was submitted to Ports () openbsd org and I decided to use it because nmap 3.95 crashed) I connected from my Notebook (10.10.10.10) to my Workstation (192.168.0.11) and started to Scan a class B-network. nmap was started this way: nmap -sS -vvv -sV oA $NET -P0 $NET After a while I got this output: All 1674 scanned ports on x.x.x.x are: filtered SENT (45833.5370s) TCP 192.168.0.11:59260 > x.x.x.142:1514 S ttl=45 id=1569 iplen=44 seq=1711099290 win=2048 SENT (45833.5370s) TCP 192.168.0.11:59262 > x.x.x.144:333 S ttl=42 id=4168 iplen=44 seq=1710443924 win=3072 SENT (45833.5370s) TCP 192.168.0.11:59259 > x.x.x.147:257 S ttl=54 id=3486 iplen=44 seq=1711164825 win=3072 RCVD (45833.5320s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=7027 iplen=52 seq=1207579363 win=16080 ack=4153408694 RCVD (45833.5500s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=5315 iplen=52 seq=1207579363 win=16208 ack=4153409030 SENT (45833.6470s) TCP 192.168.0.11:59270 > x.x.x.139:21 S ttl=55 id=57854 iplen=44 seq=1677413276 win=4096 SENT (45833.6470s) TCP 192.168.0.11:59261 > x.x.x.138:186 S ttl=48 id=11001 iplen=44 seq=1711033755 win=1024 SENT (45833.6470s) TCP 192.168.0.11:59264 > x.x.x.140:9111 S ttl=44 id=7710 iplen=44 seq=1710312854 win=1024 SENT (45833.6470s) TCP 192.168.0.11:59264 > x.x.x.143:69 S ttl=55 id=1945 iplen=44 seq=1710312854 win=4096 SENT (45833.6470s) TCP 192.168.0.11:59263 > x.x.x.149:1528 S ttl=39 id=53973 iplen=44 seq=1710378389 win=4096 RCVD (45833.6470s) TCP x.x.x.139:21 > 192.168.0.11:59270 SA ttl=64 id=17130 iplen=44 seq=1211525688 win=16384 ack=1677413277 RCVD (45833.6420s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=28914 iplen=52 seq=1207579363 win=16224 ack=4153409366 RCVD (45833.6450s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=27234 iplen=52 seq=1207579363 win=16096 ack=4153409958 RCVD (45833.6530s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=28425 iplen=52 seq=1207579363 win=16080 ack=4153410438 RCVD (45833.6700s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=26205 iplen=52 seq=1207579363 win=16208 ack=4153410678 RCVD (45833.6930s) TCP 194.45.27.107:7777 > 192.168.0.11:12757 A ttl=56 id=29235 iplen=64 seq=3072794502 win=17136 ack=4251045306 RCVD (45833.7110s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=20192 iplen=52 seq=1207579363 win=16208 ack=4153411030 SENT (45833.7570s) TCP 192.168.0.11:59262 > x.x.x.133:790 S ttl=53 id=8088 iplen=44 seq=1710443924 win=2048 SENT (45833.7570s) TCP 192.168.0.11:59263 > x.x.x.153:1510 S ttl=59 id=470 iplen=44 seq=1710378389 win=4096 SENT (45833.7570s) TCP 192.168.0.11:59258 > x.x.x.128:4480 S ttl=55 id=62400 iplen=44 seq=1711230360 win=4096 RCVD (45833.7510s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=7741 iplen=52 seq=1207579363 win=16224 ack=4153411366 RCVD (45833.7700s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=8304 iplen=52 seq=1207579363 win=16208 ack=4153411830 RCVD (45833.7970s) TCP 169.252.9.133:21 > 192.168.0.11:46473 SA ttl=64 id=32091 iplen=44 seq=436555142 win=16384 ack=2500396319 RCVD (45833.7910s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=1200 iplen=52 seq=1207579363 win=16208 ack=4153412182 SENT (45833.8380s) TCP 192.168.0.11:59264 > x.x.x.136:2603 S ttl=48 id=15780 iplen=44 seq=1710312854 win=1024 RCVD (45833.8320s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=3494 iplen=52 seq=1207579363 win=16208 ack=4153412534 RCVD (45833.9590s) ICMP 198.119.56.67 > 192.168.0.11 communication administratively prohibited by filtering (type=3/code=13) ttl=248 id=52539 iplen=56 RCVD (45833.9620s) TCP 10.10.10.10:40532 > 192.168.0.11:22 A ttl=63 id=1122 iplen=52 seq=1207579363 win=16176 ack=4153412918 SENT (45833.9880s) TCP 192.168.0.11:59454 > x.x.x.130:21 S ttl=43 id=1305 iplen=44 seq=3690722204 win=4096 SENT (45833.9890s) TCP 192.168.0.11:59515 > x.x.x.140:21 S ttl=50 id=7042 iplen=44 seq=2667296412 win=3072 SENT (45833.9890s) TCP 192.168.0.11:59465 > x.x.x.143:21 S ttl=37 id=33696 iplen=44 seq=2902164636 win=2048 SENT (45833.9890s) TCP 192.168.0.11:59264 > x.x.x.139:388 S ttl=57 id=1219 iplen=44 seq=1710312854 win=2048 SENT (45833.9890s) TCP 192.168.0.11:59262 > x.x.x.145:141 S ttl=53 id=13135 iplen=44 seq=1710443924 win=2048 SENT (45833.9890s) TCP 192.168.0.11:59261 > x.x.x.148:449 S ttl=39 id=7734 iplen=44 seq=1711033755 win=4096 SENT (45833.9890s) TCP 192.168.0.11:59264 > x.x.x.149:1528 S ttl=48 id=34613 iplen=44 seq=1710312854 win=1024 SENT (45833.9890s) TCP 192.168.0.11:59258 > x.x.x.151:188 S ttl=43 id=35555 iplen=44 seq=1711230360 win=4096 SENT (45833.9890s) TCP 192.168.0.11:59261 > x.x.x.154:71 S ttl=51 id=24939 iplen=44 seq=1711033755 win=4096 I had serval Scans running (paralel). After a while the NMAP-Output was normal again. Could somebody maybe tell me why I got this output except of the "normal known" stuff? I never saw such an output in all the years I`m using nmap now so I would like to know about the reasons. Kind Regards, Rembrandt _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- A little mysterious nmap-Session rembrandt (May 08)
- Re: A little mysterious nmap-Session Arturo 'Buanzo' Busleiman (May 08)
- <Possible follow-ups>
- Re: A little mysterious nmap-Session rembrandt (May 08)