Re: Showing Ports Nmap Hides

[David Fifield <david () bamsoftware com>]

On Sun, Aug 30, 2009 at 02:48:09PM -0500, DePriest, Jason R. wrote:
> On Sun, Aug 30, 2009 at 1:06 PM, Andrew Johnston<> wrote:
> > I have recently downloaded and started using Nmap 5.00. Like all version of
> > nmap, I find it is a very helpful tool. But recently, I was charged with
> > scanning a group of computers. All nmap said was there was hundreds of
> > filtered ports. I randomly guess a few ports and nmaped them. Nmap said they
> > were filtered/closed, but they were completely open. How do I force nmap to
> > show these ports? I believe that a firewall on the machine is recognizing
> > the scan, because at first (at least in nessus) is shows them as open, but
> > then the firewall is reconizing the scan, and sending out an RST to each
> > port that was sent a SYN.
>
> Running -v -v should be enough to display all the ports.
>
> I think a -v will put all the ports in the greppable output.

Also, Nmap doesn't scan every port by default, only the 1000 most
common. Use --top-ports with a higher number to scan more or list
specifically the ports you want with -p.

Use the --reason and --packet-trace options together to scan a couple of
ports and see why they are being classified the way they are.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org