Nmap Development mailing list archives
Re: differences between nmap-online and nmap command line
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 24 Jun 2008 15:43:49 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 24 Jun 2008 18:29:40 +0300 or thereabouts "sara fink" <sara.fink () gmail com> wrote:
so, which output is correct? the command line or the web page test? I tested it on my external ip. I have linux kernel 2.6.24.
Probably both. Remember that the results of a port scan are a function of the scanning machine, target machine, and all network filters (firewalls) between the two. - From one view (localhost) you may have 3000 closed ports. From another host (nmap-online) you may have a handful of filtered ports. The list you provided is a reasonable, albeit aggressive list of ports for an ISP to filter.
As far as I know there shouldn't be a problem to run nmap from the same pc on my external IP.
There probably isn't.
It looked like the command line didn't even scan. In a sec I got the reply of 3000 port scan.
3000 ports doesn't take long when the all respond with at RST. Here's my machine: $ sudo nmap -p1-3000 -T4 -sS 192.168.0.100 Starting Nmap 4.65 ( http://nmap.org ) at 2008-06-24 15:41 UTC Interesting ports on bmenrigh.dyndns.org (192.168.0.100): Not shown: 2997 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 443/tcp open https Nmap done: 1 IP address (1 host up) scanned in 0.175 seconds 0.175 seconds is what I'd call a "blink of the eye". Brandon
On Tue, Jun 24, 2008 at 4:26 PM, Ron (list) <ron () skullsecurity net> wrote:sara fink wrote:I ran nmap online on my ip. I got some results. But when I run the same nmap on my ip from command line I get totally different results.Looks to me like ports are being filtered out somewhere between you and the target. Likely, they're being filtered by your ISP to protect you from worms and such. Hope that helps! Ron
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkhhFjwACgkQqaGPzAsl94LQxQCgofcIqPsP045uZEQvA2M72a1h TyUAnA8L3HzMMc0ATPF+f41YIctQhXzX =iccV -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- differences between nmap-online and nmap command line sara fink (Jun 24)
- Re: differences between nmap-online and nmap command line Ron (list) (Jun 24)
- Re: differences between nmap-online and nmap command line sara fink (Jun 24)
- Re: differences between nmap-online and nmap command line Brandon Enright (Jun 24)
- Re: differences between nmap-online and nmap command line sara fink (Jun 24)
- Re: differences between nmap-online and nmap command line Fyodor (Jun 24)
- Re: differences between nmap-online and nmap command line sara fink (Jun 24)
- Re: differences between nmap-online and nmap command line sara fink (Jun 24)
- Re: differences between nmap-online and nmap command line Ron (list) (Jun 24)