Penetration Testing mailing list archives
Re: nmap
From: Taufiq Ali <taufiq.ali () niiconsulting com>
Date: Wed, 30 Jul 2008 09:38:43 +0530
Hey,By default if you run the nmap scan on any site it runs the syn stealth scan. If you are getting all the ports open this could be a false positive. However to confirm your results try -sS, -sA (normally used to get through a packet filtering device)or -sT. If you are still getting all the ports open then try running hping from a linux box to confirm your results.
-- Taufiq Ali CEH Lead Security Programmer www.niiconsulting.com Fábio Russo wrote:
2008/7/29 Fábio Russo <fabio.contin.russo () gmail com>Hi dude, What happens if you try with the '-P0' switch ? I beleve you should've tried something like this: 'nmap -vsS -P0 <address>' because the '-PN' switch will only treat host as online. I don't think it is gonna work, but it's only a guess. I hope it's usefull... 2008/7/29 Michael Kitange <michaelkitange () gmail com>hi, i tried to nmap a site and it said that the pings are blocked and i had to use the '-PN' switch. well the result which i got was that all the posts were open. though if i telnet to those posts, they appear to be closed. can that be done? fooling that all ports are open on the server if it can be, then how? ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: CenzicTop 5 Common Mistakes in Securing Web ApplicationsGet 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: CenzicTop 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------