Nmap Development mailing list archives
nmap scans on FreeBSD showing incorrect results
From: Vincent Stemen <vince.nmap () hightek org>
Date: Tue, 19 Sep 2017 20:11:59 -0500
Hi.

On FreeBSD 11.1 release I am getting inconsistent results from nmap version 7.40. It is randomly showing some ports as filtered even though they are not. I am wondering if this could be a bug in nmap when running on FreeBSD.

For comparison, I ran nmap version 7.40 on Linux Debian 4.9.30 and I do not have the problem. It consistently correctly shows all unfiltered ports.

The host being scanned is running a packet filter firewall on FreeBSD 11.1.

I also ran a few of the same tests from a FreeBSD 10.3-RELEASE-p11 machine, running nmap-7.12 and got similar inconsistent results.

On these tests, there are 5 unfiltered ports.

If it has been at least a minute or so since the last scan, it seems to output the correct results.

# nmap -p 1000-1040 pt02

Starting Nmap 7.40 ( https://nmap.org ) at 2017-09-19 18:21 CDT
Nmap scan report for pt02 (xx.xx.xx.xx)
Host is up (0.026s latency).
Not shown: 36 filtered ports
PORT     STATE  SERVICE
1000/tcp open   cadlock
1001/tcp open   webpush
1002/tcp closed windows-icfw
1003/tcp closed unknown
1004/tcp closed unknown

Nmap done: 1 IP address (1 host up) scanned in 4.89 seconds

-------------------------------------

But if I run the scan again, I get random wrong results.

# nmap -p 1000-1040 pt02

Starting Nmap 7.40 ( https://nmap.org ) at 2017-09-19 18:21 CDT
Nmap scan report for pt02 (xx.xx.xx.xx)
Host is up (0.024s latency).
Not shown: 39 filtered ports
PORT     STATE  SERVICE
1000/tcp open   cadlock
1004/tcp closed unknown

Nmap done: 1 IP address (1 host up) scanned in 1.79 seconds

???? This is outright wrong. Why does it only show 2 unfiltered ports? ????

-------------------------------------

It is not consistent about which ports it shows as being unfiltered.

# nmap -p 1000-1030 pt02

Starting Nmap 7.40 ( https://nmap.org ) at 2017-09-19 18:29 CDT
Nmap scan report for pt02 (xx.xx.xx.xx)
Host is up (0.024s latency).
Not shown: 29 filtered ports
PORT     STATE  SERVICE
1001/tcp open   webpush
1002/tcp closed windows-icfw

Nmap done: 1 IP address (1 host up) scanned in 1.77 seconds

-------------------------------------

If I scan *no more* than 10 ports, it seems to always be correct.
From 15 on up it appears to get more and more inconsistent.

# nmap -p 1000-1010 pt02

Starting Nmap 7.40 ( https://nmap.org ) at 2017-09-19 18:32 CDT
Nmap scan report for pt02 (xx.xx.xx.xx)
Host is up (0.025s latency).
PORT     STATE    SERVICE
1000/tcp open     cadlock
1001/tcp open     webpush
1002/tcp closed   windows-icfw
1003/tcp closed   unknown
1004/tcp closed   unknown
1005/tcp filtered unknown
1006/tcp filtered unknown
1007/tcp filtered unknown
1008/tcp filtered ufsd
1009/tcp filtered unknown
1010/tcp filtered surf

Nmap done: 1 IP address (1 host up) scanned in 3.99 seconds

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap scans on FreeBSD showing incorrect results Vincent Stemen (Sep 19)
- Re: nmap scans on FreeBSD showing incorrect results Daniel Miller (Sep 20)
- Re: nmap scans on FreeBSD showing incorrect results Vincent Stemen (Sep 21)
- Re: nmap scans on FreeBSD showing incorrect results Daniel Miller (Sep 20)