Nmap Development mailing list archives
bug or host evasive action?
From: Britton Kerin <britton.kerin () gmail com>
Date: Thu, 19 Apr 2012 20:22:33 -0800
Hi guys, I guess any weirdness you see as a result of scans could be hosts taking evasive action or something, but this strikes me as weird. When I skip host detection, the http server on one of the Linksys wireless routers gets found, but not if I don't: $ nmap -Pn 192.168.1.1 Starting Nmap 5.51 ( http://nmap.org ) at 2012-04-19 20:19 AKDT Nmap scan report for 192.168.1.1 Host is up (0.0061s latency). Not shown: 999 closed ports PORT STATE SERVICE 80/tcp open http Nmap done: 1 IP address (1 host up) scanned in 7.68 seconds $ nmap 192.168.1.1 Starting Nmap 5.51 ( http://nmap.org ) at 2012-04-19 20:19 AKDT Nmap scan report for 192.168.1.1 Host is up (0.012s latency). All 1000 scanned ports on 192.168.1.1 are closed Nmap done: 1 IP address (1 host up) scanned in 7.57 seconds Scanning the entire network also finds the http port: $ nmap 192.168.1.0/24 Starting Nmap 5.51 ( http://nmap.org ) at 2012-04-19 20:02 AKDT Nmap scan report for 192.168.1.1 Host is up (0.0044s latency). Not shown: 999 closed ports PORT STATE SERVICE 80/tcp open http Nmap scan report for 192.168.1.25 Host is up (0.029s latency). Not shown: 995 closed ports [snip other hosts] Is the router maybe hiding because it just got discovered or something, or could this be some sort of nmap bug? Thanks, Britton Kerin _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- bug or host evasive action? Britton Kerin (Apr 19)
- Re: bug or host evasive action? Daniel Miller (Apr 19)