Nmap Development mailing list archives
Re: help -- nmap not probing filtered ports
From: Utkarsh Shrivastava <utkarsh12 () gmail com>
Date: Tue, 12 Oct 2010 05:03:44 -0400
On Tue, Oct 12, 2010 at 4:48 AM, Rob Nicholls <robert () robnicholls co uk> wrote:
On Mon, 11 Oct 2010 21:42:19 -0400, Utkarsh Shrivastava <utkarsh12 () gmail com> wrote:I've used virtually all the nmap options but not luck. nmap -PN <IP> always tells me that the host is upDid you mean -Pn (although it seems that -PN also works)? This option tells Nmap to assume the host is up, so it won't bother checking, and therefore will always tell you (unless you're scanning on the local subnet) that "Host is up." even if a host doesn't exist.
Yes, I am using -PN option and it seems to be doing what you mentioned. So, I have removed it from my scan type and added -v -sV -T4 -O
I am sure IP x is up because I have received an email within a minute from it. Any pointers?It might be sending emails, but it might not be configured to receive emails (or if it does, perhaps it receives emails from another IP that's assigned to the same host). It only needs to have an open port if it receives emails. Another possibility is that firewall rules are only allowing the IPs of authorised hosts to send emails, which the host will relay to anywhere, which is why the SMTP port looks filtered to you, but you're still able to receive emails from it.
True, this might be a possibility and I was wondering if there's a work around for this. Also, I looked at Fyodor's defcon '10 hack " -v -sV -T4 -O --osscan-guess -oA -ms-smbscan --script=smb-enum-domains,smb-enum-processes,smb-enum-sessions,smb-enum-shares,smb-enum-users,smb-os-discovery,smb-security-mode,smb-system-info" and it seems to be working for some IPs. Say for example I took 100 IPs, out of which this script worked for 90% of the cases. Is it possible to beat the firewall (if that's the case) ? Utkarsh
Rob
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- help -- nmap not probing filtered ports Utkarsh Shrivastava (Oct 11)
- Re: help -- nmap not probing filtered ports Rob Nicholls (Oct 12)
- Re: help -- nmap not probing filtered ports Utkarsh Shrivastava (Oct 12)
- Re: help -- nmap not probing filtered ports Rob Nicholls (Oct 12)