Nmap Development mailing list archives
so is nmap connect scan broken?
From: "Mike ." <dmciscobgp () hotmail com>
Date: Mon, 9 Feb 2015 06:56:33 +0000
OK, so I have done more than a few tests here to confirm this. First off, this is Windows I am on, and I am scanning my local router. Notice I said ROUTER and not localhost, so I don't get flamed here; I know the limitations on that for Windows. I just started noticing this because I normally don't do -sT scans. This post must go with that "operation in progress" output, because I feel they go together with this issue.

So here is my confirmation on it being broken. As I scan my router (let's just use a port that is not open), I get this, with a SYN coming back as a response:

    4) 192.168.0.16.46975 > 192.168.0.1.1: S, cksum 0x6272 (correct), 3992783572:3992783572(0) win 1024 <mss 1460>
    IP (tos 0x0, ttl 64, id 28202, offset 0, flags [none], proto: TCP (6), length: 40) 192.168.0.1.1 > 192.168.0.16.46975: R, cksum 0x7e1b (correct), 0:0(0) ack 3992783573 win 0

(Notice the reset back.)

connect() output: I get this in Nmap:

    1/tcp filtered tcpmux no-response

But notice the packet sniffer output here:

    ) 192.168.0.16.40137 > 192.168.0.1.1: S, cksum 0xa50e (correct), 1644903897:1644903897(0) win 8192 <mss 1460,nop,nop,sackOK>
    IP (tos 0x0, ttl 64, id 28210, offset 0, flags [none], proto: TCP (6), length: 40) 192.168.0.1.1 > 192.168.0.16.40137: R, cksum 0xf1be (correct), 0:0(0) ack 1 win 0

So Nmap does not see that reply? Anyone, feel free to chime in here.

m|ke

(BTW, this is NOT just on local subnet scanning; this happens even when I fired off packets to google.com. Not only that, but as the scan finishes, it hangs for about 30 sec to a min until it closes. Only on connect does it do that.)
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
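Added example (not from the poster and not Nmap's own code): a connect() scan of the kind -sT performs never looks at packets on the wire; it can only go by what the OS socket API returns, so a RST that is visible in a sniffer only turns into "closed" if connect() fails with ECONNREFUSED (WSAECONNREFUSED on Windows), and a timeout becomes "filtered" / no-response. The script below does exactly that classification, so it can be run on the same Windows host against the same router port to see what the socket layer itself reports, independently of Nmap. The state and reason strings are chosen to look like Nmap's --reason output; the helper names and the use of a throwaway local listener for an offline check are this example's own assumptions.

```python
import errno
import socket

# Port states and reason strings, modelled on what Nmap prints with --reason
# (assumption: chosen here for readability, not taken from Nmap's source).
OPEN, CLOSED, FILTERED = "open", "closed", "filtered"


def classify_port(host, port, timeout=2.0):
    """Classify host:port the way a connect() scan must: from the socket API alone.

    Returns a (state, reason) tuple:
      ("open", "syn-ack")          connect() completed the handshake
      ("closed", "conn-refused")   the OS turned a RST into ECONNREFUSED
      ("filtered", "no-response")  neither SYN/ACK nor RST before the timeout
      ("filtered", <other>)        ICMP unreachable or another socket error
    No packet capture is involved, so a RST seen in a sniffer that the OS does
    not surface as ECONNREFUSED will show up here as filtered/no-response.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except ConnectionRefusedError:
            # Python raises this for ECONNREFUSED on POSIX and for
            # WSAECONNREFUSED (10061) on Windows, so one branch covers both.
            return (CLOSED, "conn-refused")
        except socket.timeout:
            return (FILTERED, "no-response")
        except OSError as e:
            if e.errno == errno.ENETUNREACH:
                return (FILTERED, "net-unreach")
            if e.errno == errno.EHOSTUNREACH:
                return (FILTERED, "host-unreach")
            return (FILTERED, "errno-%s" % e.errno)
        return (OPEN, "syn-ack")


def scan(host, ports, timeout=2.0):
    """Connect-scan a list of ports and return {port: (state, reason)}."""
    return {p: classify_port(host, p, timeout) for p in ports}


# --- helpers for an offline self-check (assumption: loopback is available) ---

def start_listener():
    """Bind a throwaway TCP listener on 127.0.0.1 so an 'open' result can be
    observed without touching the network; the kernel completes the handshake
    from the backlog even though nothing calls accept()."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    return srv


def free_port():
    """Pick an ephemeral port that nothing is listening on (closed -> RST)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    srv = start_listener()
    targets = [srv.getsockname()[1], free_port()]
    for port, (state, reason) in scan("127.0.0.1", targets).items():
        print("%d/tcp %s %s" % (port, state, reason))
    srv.close()
```

To reproduce the poster's check, replace the loopback targets with the router's address and port 1 (and a port such as 53 or 80 that the router does answer on) and compare the printed reason with what the sniffer shows: a "filtered no-response" for a port that sent a RST means the RST never reached the socket layer as ECONNREFUSED, which is the layer -sT depends on.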
Current thread:
- so is nmap connect scan broken? Mike . (Feb 08)
- Re: so is nmap connect scan broken? Daniel Miller (Feb 19)