Nmap Development mailing list archives
how to scan hosts protected by reactive firewall/ips?
From: Richard Miles <richard.k.miles () googlemail com>
Date: Wed, 12 May 2010 16:28:48 +0000
Hi I have 10 hosts on the same network protected by a very hostile and reactive firewall/ips, consequently when I try to scan it I get: ll 1000 scanned ports on XXX-YYY-ZZZ-AAA.host.com (XXX.YYY.ZZZ.AAA) are filtered Too many fingerprints match this host to give specific OS details It happened in all the hosts, while this one in particular has at least a web server at port 80 and 443, because I can connect with firefox. I tried to use -D (Decoy) with 7 hosts, but I got the same results. It should not happen? Not all hosts can be used as a Decoy? For example www.microsoft.com ? I also tried "--scan-delay 2 -randomize-hosts --max-rate 5" and I got the same problem. What values in general you use at --scan-delay? And what at --max-rate? The value of --scan-delay is in seconds? I'm using for the basic scan the methods "-PN -sV -sC -O ". Please, advise me other techniques. Thank you _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- how to scan hosts protected by reactive firewall/ips? Richard Miles (May 12)
- RE: how to scan hosts protected by reactive firewall/ips? Stephen Kleine (May 12)
- Re: how to scan hosts protected by reactive firewall/ips? Richard Miles (May 12)
- Re: how to scan hosts protected by reactive firewall/ips? David Fifield (May 12)
- Re: how to scan hosts protected by reactive firewall/ips? Richard Miles (May 12)
- RE: how to scan hosts protected by reactive firewall/ips? Stephen Kleine (May 12)