Nmap Development mailing list archives
RE: nmap not working properly...showing ports as filtered, but ncat banner grab works
From: "Joseph McCray" <joe () strategicsec com>
Date: Mon, 16 Jan 2012 15:43:31 -0500
I think I wasn't very clear.I don't think nmap is broken (as a whole), I think there is a misconfiguration on my host. I will try to rebuild from source instead of apt-get. Joe McCray Toll Free: 1-866-892-2132 Email: joe () strategicsec com LinkedIn: http://www.linkedin.com/in/joemccray Twitter: http://twitter.com/j0emccray Slideshare: http://www.slideshare.net/joemccray GPG Key: http://strategicsec.com/JoeStrategicSec_Public.key Website: http://strategicsec.com When NASA began the launch of astronauts into space, they found out that the pens wouldn't work at zero gravity (ink won't flow down to the writing surface). To solve this problem, it took them one decade and $12 million. They developed a pen that worked at zero gravity, upside down, underwater, in practically any surface including crystal and in a temperature range from below freezing to over 300 degrees C. And what did the Russians do...?? They used a pencil. From: Hani Benhabiles [mailto:kroosec () gmail com] Sent: Monday, January 16, 2012 9:07 AM To: Joseph McCray Cc: nmap-dev () insecure org Subject: Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Works fine for me. hani@JustD:~$ nmap -PN -sV -p 22 69.163.181.91 Starting Nmap 5.61TEST3 ( http://nmap.org ) at 2012-01-16 15:04 CET Nmap scan report for apache2-grog.argonauts.dreamhost.com (69.163.181.91) Host is up (0.19s latency). PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.1p1 Debian 5 (protocol 2.0) Service Info: OS: Linux; CPE: cpe:/o:linux:kernel Try to use the latest version. Cheers, Hani. On Mon, Jan 16, 2012 at 9:59 AM, Joseph McCray <joe () strategicsec com> wrote: Building a box right now. Any IP that I scan comes back as ports being filtered, but ncat allows me to bannergrab the host. Never seen that before. It does this for any port on any IP - ncat bannergrab works, but not a portscan. Any ideas? root@shrek:~# ncat 69.163.181.91 22 <-- This works fine SSH-2.0-OpenSSH_5.1p1 Debian-5 root@shrek:~# nmap -PN -sV -p 22 69.163.181.91 <-- This doesn't work - always shows filtered PORT STATE SERVICE 22/tcp filtered ssh Nmap done: 1 IP address (1 host up) scanned in 2.10 seconds Below is my system info: --------------------------------- root@shrek:~# cat /etc/issue Ubuntu 11.04 \n \l root@shrek:~# uname -a Linux shrek.xxxxxxxxx.xxx 2.6.18-028stab095.1 #1 SMP Mon Oct 24 20:15:15 MSD 2011 i686 i686 i386 GNU/Linux root@shrek:~# nmap -V Nmap version 5.21 ( http://nmap.org ) root@shrek:~# dpkg --get-selections | grep pcap libpcap0.8 install root@shrek:~# /sbin/iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Joe McCray Toll Free: 1-866-892-2132 Email: joe () strategicsec com LinkedIn: http://www.linkedin.com/in/joemccray Twitter: http://twitter.com/j0emccray Slideshare: http://www.slideshare.net/joemccray GPG Key: http://strategicsec.com/JoeStrategicSec_Public.key Website: http://strategicsec.com When NASA began the launch of astronauts into space, they found out that the pens wouldn't work at zero gravity (ink won't flow down to the writing surface). To solve this problem, it took them one decade and $12 million. They developed a pen that worked at zero gravity, upside down, underwater, in practically any surface including crystal and in a temperature range from below freezing to over 300 degrees C. And what did the Russians do...?? They used a pencil. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/ -- M. Hani Benhabiles OWASP Algeria SC founder and president. Email: hani.benhabiles () owasp org Blog: http://kroosec.blogspot.com Twitter: kroosec <https://twitter.com/#%21/kroosec> _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Robin Wood (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Hani Benhabiles (Jan 16)
- RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works David Fifield (Jan 16)
- RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works 'David Fifield' (Jan 20)
- RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)