Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: nmap not working properly...showing ports as filtered, but ncat banner grab works

From: David Fifield <david () bamsoftware com>
Date: Mon, 16 Jan 2012 11:19:26 -0800
On Mon, Jan 16, 2012 at 03:59:54AM -0500, Joseph McCray wrote:

Building a box right now. Any IP that I scan comes back as ports being
filtered, but ncat allows me to bannergrab the host. 

Never seen that before. It does this for any port on any IP - ncat
bannergrab works, but not a portscan. Any ideas?

root@shrek:~# ncat 69.163.181.91 22     <-- This works fine
SSH-2.0-OpenSSH_5.1p1 Debian-5

root@shrek:~# nmap -PN -sV -p 22 69.163.181.91             <-- This doesn't
work - always shows filtered

PORT   STATE    SERVICE
22/tcp filtered ssh


Try the --packet-trace option to see what is being sent and received.

Is it only this target that has the problem, or all targets from your
particular scanning machine?

If it is only this one target, try to get a packet capture ("tcpdump -w
dump.pcap host 69.163.181.91").

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: