Nmap Development mailing list archives
Re: Excessive traffic in -PS/PA/PU ping scans
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 20 Mar 2007 18:26:55 +0000
On Tue, 20 Mar 2007 03:16:44 -0700 cybernmd <cybernmd () gmail com> wrote:
I have noticed the following when performing SYN, ACK, and UDP pings:
...snip...
Command: sudo nmap -PS443 192.168.1.1
You are scanning 192.168.1.1 which leads me to believe the scanning machine is directly connected to the same layer 2 network segment. Nmap will use ARP to determine if the host is up and shouldn't need to do any additional discovery. Are you able to reproduce your results on targets separated by L2 boundaries? Brandon -- Brandon Enright Network Security Analyst UCSD ACS/Network Operations bmenrigh () ucsd edu _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Excessive traffic in -PS/PA/PU ping scans cybernmd (Mar 20)
- Re: Excessive traffic in -PS/PA/PU ping scans Brandon Enright (Mar 20)
- Re: Excessive traffic in -PS/PA/PU ping scans Eddie Bell (Mar 20)
- Re: Excessive traffic in -PS/PA/PU ping scans Professor Messer (Mar 20)
- <Possible follow-ups>
- Re: Excessive traffic in -PS/PA/PU ping scans cybernmd (Mar 20)
- Re: Excessive traffic in -PS/PA/PU ping scans Hans Nilsson (Mar 21)