Nmap Development mailing list archives
Re: Nmap 4.75 Posted!
From: Ron <ron () skullsecurity net>
Date: Mon, 08 Sep 2008 07:02:58 -0500
Aaron Leininger wrote:
nmap 4.75 compiles fine on my debian box. I ran it on a box on my network and got the following:

$ sudo nmap -sS my_target

Starting Nmap 4.75 ( http://nmap.org ) at 2008-09-08 09:27 PDT
Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
Interesting ports on ths-aleininger-desktop.ttsd.k12.or.us (my_target):
Not shown: 986 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1049/tcp  open  unknown
1050/tcp  open  java-or-OTGfileshare
2701/tcp  open  unknown
2702/tcp  open  unknown
5800/tcp  open  vnc-http
5900/tcp  open  vnc
8192/tcp  open  unknown
8193/tcp  open  unknown
8194/tcp  open  unknown
16992/tcp open  unknown
16993/tcp open  unknown
MAC Address: 00:1C:C0:4E:3A:E7 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 1.56 seconds

Compare that to the output of nmap 4.68 using the same command and same host:
-------------------------------------------------------------------------------------------------
Starting Nmap 4.68 ( http://nmap.org ) at 2008-09-08 09:31 PDT
Interesting ports on my_target:
Not shown: 1709 closed ports
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1050/tcp open  java-or-OTGfileshare
5800/tcp open  vnc-http
5900/tcp open  vnc

Nmap done: 1 IP address (1 host up) scanned in 1.385 seconds

I ran a test with hping on port 16992 shown in 4.75 as open with the following results:

# hping -S -p 16992 -c 1 my_target
HPING 10.4.0.106 (eth0 10.4.0.106): S set, 40 headers + 0 data bytes
len=46 ip=10.4.0.106 ttl=128 DF id=16544 sport=16992 flags=SA seq=0 win=64512 rtt=0.5 ms

It did come back with SYN and ACK flagged so it seems as if 4.75 is correct. What is odd is that 4.68 doesn't show those ports. Is 4.75 set to scan a larger range of ports by default?

Aaron

Hey Aaron,

Yes, they added a bunch of "frequency" checks for ports. More info here:
http://seclists.org/nmap-dev/2008/q3/0642.html

Ron

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
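
Added example, not part of the original messages: the two port tables quoted in this thread compared mechanically, to show how many ports each version probed in total and which open ports only 4.75 reported. The function names are chosen for this example; the port data is copied from the quoted scans.

```python
import re

# Port tables taken from the two scans quoted in the thread above
# (whitespace-flattened; the parser does not depend on line breaks).
SCAN_475 = (
    "Not shown: 986 closed ports PORT STATE SERVICE "
    "135/tcp open msrpc 139/tcp open netbios-ssn 445/tcp open microsoft-ds "
    "1049/tcp open unknown 1050/tcp open java-or-OTGfileshare "
    "2701/tcp open unknown 2702/tcp open unknown 5800/tcp open vnc-http "
    "5900/tcp open vnc 8192/tcp open unknown 8193/tcp open unknown "
    "8194/tcp open unknown 16992/tcp open unknown 16993/tcp open unknown"
)
SCAN_468 = (
    "Not shown: 1709 closed ports PORT STATE SERVICE "
    "135/tcp open msrpc 139/tcp open netbios-ssn 445/tcp open microsoft-ds "
    "1050/tcp open java-or-OTGfileshare 5800/tcp open vnc-http 5900/tcp open vnc"
)

PORT_RE = re.compile(r"(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")
HIDDEN_RE = re.compile(r"Not shown:\s+(\d+)\s+\S+\s+ports")


def parse_scan(text):
    """Return ({(port, proto): state}, total ports probed) for one host report."""
    ports = {(int(p), proto): state for p, proto, state, _svc in PORT_RE.findall(text)}
    # Ports summarised under "Not shown" were probed too, so count them.
    hidden = sum(int(n) for n in HIDDEN_RE.findall(text))
    return ports, len(ports) + hidden


def compare(old_text, new_text):
    """Summarise what changed between two scans of the same host."""
    old, old_total = parse_scan(old_text)
    new, new_total = parse_scan(new_text)
    return {
        "probed_old": old_total,
        "probed_new": new_total,
        "only_in_new": sorted(set(new) - set(old)),
        "only_in_old": sorted(set(old) - set(new)),
    }


if __name__ == "__main__":
    for key, value in compare(SCAN_468, SCAN_475).items():
        print(key, value)
```

On the quoted data, 4.75 probed fewer ports in total than 4.68 yet reported eight additional open ports, so the difference lies in which ports are selected by default rather than in a larger range.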