Nmap Development mailing list archives
Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!)
From: David Fifield <david () bamsoftware com>
Date: Sat, 4 Jul 2015 14:57:52 -0700
On Sat, Jul 04, 2015 at 11:16:34PM +0200, Jacek Wielemborek wrote:
> On 04.07.2015 at 23:12, David Fifield wrote:
> > It worked for me. Without a proxy, it took 3.95 seconds to find 3 open
> > ports, 6 filtered, and 991 closed. With a Tor proxy, it took 155 seconds
> > to find 3 open ports and 997 closed|filtered ports.
>
> Thanks for testing, David! The results are a bit worrying though. Does
> your ISP filter port 3006? Are you getting back consistent -sT results
> with no proxy?

I ran a few times without a proxy and got inconsistent filtered results.
I ran again with a proxy and this time it took longer, 811 seconds.
Ordinary SYN scan finds only ports 139 and 445 filtered. (After a
curiously long time, 274 seconds.)

$ sudo ./nmap -sT scanme.nmap.org

Starting Nmap 6.49SVN ( https://nmap.org ) at 2015-07-04 14:27 PDT
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.098s latency).
Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
rDNS record for 45.33.32.156: li982-156.members.linode.com
Not shown: 976 closed ports
PORT      STATE    SERVICE
22/tcp    open     ssh
26/tcp    filtered rsftp
79/tcp    filtered finger
80/tcp    open     http
139/tcp   filtered netbios-ssn
445/tcp   filtered microsoft-ds
722/tcp   filtered unknown
800/tcp   filtered mdbs_daemon
898/tcp   filtered sun-manageconsole
1026/tcp  filtered LSA-or-nterm
1839/tcp  filtered netopia-vo1
2043/tcp  filtered isis-bcast
2910/tcp  filtered tdaccess
3476/tcp  filtered nppmp
5054/tcp  filtered rlm-admin
5811/tcp  filtered unknown
5963/tcp  filtered indy
6692/tcp  filtered unknown
6839/tcp  filtered unknown
7999/tcp  filtered irdmi2
8100/tcp  filtered xprint-server
9009/tcp  filtered pichat
9929/tcp  open     nping-echo
20000/tcp filtered dnp

Nmap done: 1 IP address (1 host up) scanned in 5.86 seconds

$ sudo ./nmap -sT scanme.nmap.org

Starting Nmap 6.49SVN ( https://nmap.org ) at 2015-07-04 14:27 PDT
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.098s latency).
Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
rDNS record for 45.33.32.156: li982-156.members.linode.com
Not shown: 974 closed ports
PORT      STATE    SERVICE
22/tcp    open     ssh
80/tcp    open     http
139/tcp   filtered netbios-ssn
445/tcp   filtered microsoft-ds
543/tcp   filtered klogin
783/tcp   filtered spamassassin
808/tcp   filtered ccproxy-http
843/tcp   filtered unknown
1048/tcp  filtered neod2
1088/tcp  filtered cplscrambler-al
1113/tcp  filtered ltp-deepspace
1443/tcp  filtered ies-lm
2525/tcp  filtered ms-v-worlds
3828/tcp  filtered neteh
3945/tcp  filtered emcads
5907/tcp  filtered unknown
8022/tcp  filtered oa-system
8083/tcp  filtered us-srv
8291/tcp  filtered unknown
9099/tcp  filtered unknown
9535/tcp  filtered man
9929/tcp  open     nping-echo
9968/tcp  filtered unknown
10024/tcp filtered unknown
15742/tcp filtered unknown
32769/tcp filtered filenet-rpc

Nmap done: 1 IP address (1 host up) scanned in 4.59 seconds

$ ./nmap -sT --proxy socks4://127.0.0.1:9050 scanme.nmap.org

Starting Nmap 6.49SVN ( https://nmap.org ) at 2015-07-04 14:28 PDT
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.79s latency).
Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
rDNS record for 45.33.32.156: li982-156.members.linode.com
Not shown: 997 closed|filtered ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
9929/tcp open  nping-echo

Nmap done: 1 IP address (1 host up) scanned in 811.03 seconds

$ sudo ./nmap scanme.nmap.org

Starting Nmap 6.49SVN ( https://nmap.org ) at 2015-07-04 14:42 PDT
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.025s latency).
Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
rDNS record for 45.33.32.156: li982-156.members.linode.com
Not shown: 995 closed ports
PORT     STATE    SERVICE
22/tcp   open     ssh
80/tcp   open     http
139/tcp  filtered netbios-ssn
445/tcp  filtered microsoft-ds
9929/tcp open     nping-echo

Nmap done: 1 IP address (1 host up) scanned in 274.00 seconds
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
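
Added example, not part of the original message: a small Python script that compares the port tables of several Nmap runs like the ones above and separates ports reported filtered in every run from ports reported filtered in only some runs. The RUNS sample is an abbreviated excerpt of the output above, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Abbreviated excerpts of the port tables in the message above; most of the
# run-specific "filtered" lines are left out to keep the sample short.
RUNS = {
    "connect-1": """22/tcp open ssh
26/tcp filtered rsftp
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds""",
    "connect-2": """22/tcp open ssh
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
543/tcp filtered klogin""",
    "syn": """Not shown: 995 closed ports
22/tcp open ssh
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds""",
}

# A port-table line in Nmap normal output: "<port>/<proto> <state> [service]".
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)")

def parse_ports(text):
    """Return {(port, proto): state} for each port-table line; other lines are skipped."""
    states = {}
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            states[(int(m.group(1)), m.group(2))] = m.group(3)
    return states

def compare_runs(runs, state="filtered"):
    """Split ports reported in `state` into seen-in-every-run and seen-in-some-runs."""
    seen = defaultdict(set)
    for name, text in runs.items():
        for key, st in parse_ports(text).items():
            if st == state:
                seen[key].add(name)
    stable = sorted(k for k, names in seen.items() if len(names) == len(runs))
    flapping = {k: sorted(v) for k, v in sorted(seen.items()) if len(v) < len(runs)}
    return stable, flapping

if __name__ == "__main__":
    stable, flapping = compare_runs(RUNS)
    print("filtered in every run:", stable)
    for (port, proto), names in flapping.items():
        print(f"{port}/{proto} filtered only in: {', '.join(names)}")
```

Ports that Nmap folds into a "Not shown" summary line do not appear in the table, so the script treats them as not being in the requested state for that run.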