Nmap Development mailing list archives
Re: Possible bug?
From: Mike Calmus via dev <dev () nmap org>
Date: Sat, 8 Aug 2020 16:53:57 -0400
FWIW I see the same results on that host using nmap 7.80 on MacOS. Nmap version 7.80 ( https://nmap.org ) Platform: x86_64-apple-darwin17.7.0 Compiled with: nmap-liblua-5.3.5 openssl-1.0.2s nmap-libssh2-1.8.2 libz-1.2.11 nmap-libpcre-7.6 nmap-libpcap-1.9.0 nmap-libdnet-1.12 ipv6 Compiled without: Available nsock engines: kqueue poll select Running the command requested I get:
nmap -d -p1-10,80,443 65.199.38.168
Starting Nmap 7.80 ( https://nmap.org ) at 2020-08-08 16:30 EDT --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 min-rate: 0, max-rate: 0 --------------------------------------------- Initiating Ping Scan at 16:30 Scanning 65.199.38.168 [2 ports] Completed Ping Scan at 16:30, 0.02s elapsed (1 total hosts) Overall sending rates: 110.59 packets / s. mass_rdns: Using DNS server 192.168.86.1 Initiating Parallel DNS resolution of 1 host. at 16:30 mass_rdns: 0.05s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1] Completed Parallel DNS resolution of 1 host. at 16:30, 0.04s elapsed DNS resolution of 1 IPs took 0.05s. Mode: Async [#: 1, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0] Initiating Connect Scan at 16:30 Scanning 65.199.38.168 [12 ports] Discovered open port 443/tcp on 65.199.38.168 Completed Connect Scan at 16:30, 1.21s elapsed (12 total ports) Overall sending rates: 19.00 packets / s. Nmap scan report for 65.199.38.168 Host is up, received syn-ack (0.018s latency). Scanned at 2020-08-08 16:30:58 EDT for 1s PORT STATE SERVICE REASON 1/tcp filtered tcpmux no-response 2/tcp filtered compressnet no-response 3/tcp filtered compressnet no-response 4/tcp filtered unknown no-response 5/tcp filtered rje no-response 6/tcp filtered unknown no-response 7/tcp filtered echo no-response 8/tcp filtered unknown no-response 9/tcp filtered discard no-response 10/tcp filtered unknown no-response 80/tcp filtered http no-response 443/tcp open https syn-ack Final times for host: srtt: 17654 rttvar: 13448 to: 100000 Read from /usr/local/bin/../share/nmap: nmap-payloads nmap-services. Nmap done: 1 IP address (1 host up) scanned in 1.36 seconds
On Jul 22, 2020, at 4:57 PM, Daniel Miller <bonsaiviking () gmail com> wrote: Shaun, That's an interesting problem. I can see you're using Nmap on Windows; which version of Npcap are you using? You can get this information by running: nmap --version What is the output of the following command when port 443 is open and also when it is closed? nmap -d -p1-10,80,443 Dan On Mon, Jul 20, 2020 at 1:39 AM Shaun Michelson via dev <dev () nmap org <mailto:dev () nmap org>> wrote: I have come across a case where, if you open port 443 on a public facing interface, nmap will report dozens of other open ports on that host. If you then close port 443, nmap cannot detect the host at all. I have replicated on multiple hosts running both Ubuntu and Windows Server OS. Attached are the results of an example nmap scan on a machine with a single port open (443), the results of which show dozens of other ports open. Also attached are a port probe using grc.com <http://grc.com/> ShieldsUp service, the results of which show only port 443 open, as expected. Just checking to see if anyone is aware of this behavior and if so what is the cause? Thanks! Shaun Michelson | Director, Information Technology | Apple Hospitality REIT Ph: 804.727.6339 | smichelson () applereit com <mailto:smichelson () applereit com> www.applehospitalityreit.com <http://www.applehospitalityreit.com/> _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev <https://nmap.org/mailman/listinfo/dev> Archived at http://seclists.org/nmap-dev/ <http://seclists.org/nmap-dev/>_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Attachment:
smime.p7s
Description:
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Possible bug? Shaun Michelson via dev (Jul 19)
- Re: Possible bug? Daniel Miller (Jul 22)
- Re: Possible bug? Mike Calmus via dev (Aug 08)
- Re: Possible bug? Daniel Miller (Jul 22)