Nmap Development mailing list archives
Difference between windows and linux output
From: Mads Johansen <mazterthe () hotmail com>
Date: Tue, 9 Jun 2009 11:23:55 +0200
Hello list! When you enter the same command on Windows (xp) and Linux (ubuntu 8.04.2) you does not get the same output. See example: Linux: ./nmap -v -v -p1-20000 192.168.0.1 Starting Nmap 4.85BETA9 ( http://nmap.org ) at 2009-06-09 11:13 CEST NSE: Loaded 0 scripts for scanning. Initiating Ping Scan at 11:13 Scanning 192.168.0.1 [1 port] Completed Ping Scan at 11:13, 0.00s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 11:13 Completed Parallel DNS resolution of 1 host. at 11:13, 0.06s elapsed Initiating Connect Scan at 11:13 Scanning 192.168.0.1 [20000 ports] Discovered open port a/tcp on 192.168.0.1 Discovered open port b/tcp on 192.168.0.1 Completed Connect Scan at 11:13, 3.11s elapsed (20000 total ports) Host 192.168.0.1 is up (0.020s latency). Scanned at 2009-06-09 11:13:20 CEST for 3s Interesting ports on 192.168.0.1: Not shown: 19830 closed ports, 168 filtered ports PORT STATE SERVICE a/tcp open unknown b/tcp open unknown Read data files from: . Nmap done: 1 IP address (1 host up) scanned in 3.29 seconds Windows: nmap.exe -v -v -p1-20000 my.public.IP.here Starting Nmap 4.85BETA9 ( http://nmap.org ) at 2009-06-09 11:06 Rom, normaltid NSE: Loaded 0 scripts for scanning. Initiating Ping Scan at 11:06 Scanning my.public.IP.here [2 ports] Completed Ping Scan at 11:06, 0.22s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 11:06 Completed Parallel DNS resolution of 1 host. at 11:06, 0.30s elapsed Initiating SYN Stealth Scan at 11:06 Scanning my.public.IP.here (my.public.IP.here) [20000 ports] Discovered open port a/tcp on my.public.IP.here Increasing send delay for my.public.IP.here from 0 to 5 due to 407 out of 1355 droppe d probes since last increase. SYN Stealth Scan Timing: About 11.00% done; ETC: 11:10 (0:04:11 remaining) SYN Stealth Scan Timing: About 14.78% done; ETC: 11:13 (0:05:52 remaining) SYN Stealth Scan Timing: About 24.09% done; ETC: 11:12 (0:04:47 remaining) SYN Stealth Scan Timing: About 33.61% done; ETC: 11:12 (0:03:59 remaining) SYN Stealth Scan Timing: About 43.15% done; ETC: 11:12 (0:03:19 remaining) SYN Stealth Scan Timing: About 52.69% done; ETC: 11:11 (0:02:43 remaining) SYN Stealth Scan Timing: About 62.21% done; ETC: 11:11 (0:02:08 remaining) SYN Stealth Scan Timing: About 71.75% done; ETC: 11:11 (0:01:35 remaining) SYN Stealth Scan Timing: About 81.29% done; ETC: 11:11 (0:01:02 remaining) SYN Stealth Scan Timing: About 90.82% done; ETC: 11:11 (0:00:30 remaining) Discovered open port b/tcp on my.public.IP.here Completed SYN Stealth Scan at 11:11, 337.58s elapsed (20000 total ports) Host my.public.IP.here (my.public.IP.here) is up (0.033s late ncy). Scanned at 2009-06-09 11:06:12 Rom, normaltid for 338s Interesting ports on my.public.IP.here (my.public.IP.here): Not shown: 19998 closed ports PORT STATE SERVICE a/tcp open unknown b/tcp open unknown Read data files from: \Nmap Nmap done: 1 IP address (1 host up) scanned in 341.41 seconds Raw packets sent: 21532 (947.388KB) | Rcvd: 20012 (800.520KB) It should be noted that the two scans are made from different sides of a firewall (the pc being scanned). The windows one is from the outside and the linux is from the inside. I'd be happy to supply more information if you need it :) Best regards Mads Johansen _________________________________________________________________ More than messages–check out the rest of the Windows Live™. http://www.microsoft.com/windows/windowslive/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Difference between windows and linux output Mads Johansen (Jun 09)