Re: A Problem with Nmap - All Ports are classified as open no matter what IP address I scan

[Patrick Donnelly <batrick () batbytes com>]

On Wed, Jun 3, 2009 at 2:33 AM, Professor 0110 <professor0110 () gmail com> wrote:
> Hi everyone,
> I've been having this problem ever since I started using Nmap, but I haven't
> decided to ask for professional help until now.
>
> Anyway, my problem is, whenever I scan an IP address with Nmap it classifies
> all ports as open, and ports 135, 139 and 445 as filtered. The only
> exception to this case is when i scan my LAN . I am on a satellite broadband
> connection. However, whenever I use an alternate broadband connection, the
> Nmap scan works as it should and only identifies ports that are open.
>
> I ran a packet trace from the Nmap command line while scanning an IP address
> on the satellite broadband connection, and I received a SYN-ACK for all
> ports Nmap scanned.
>
> This is starting to get annoying, and I'm not sure how I can rectify this
> problem.
>
> Any help on this matter will be dearly appreciated!

I would conjecture that the ISP for the satellite is managing your
connections for you similar to a firewall. In this case, it is trying
to prevent the overhead of managing a TCP connection over the
satellite medium. It would be then plausible that the ISP
automatically SYN ACKs everything. While this behavior would not be
correct, it must work well for their general customer base.

This should be something you take up with the ISP.

-- 
-Patrick Donnelly

"Let all men know thee, but no man know thee thoroughly: Men freely
ford that see the shallows."

- Benjamin Franklin

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org