Nmap Development mailing list archives
Locating filtering hosts
From: Bill Moseley <moseley () hank org>
Date: Mon, 27 Sep 2004 09:00:46 -0700
Is there a way to have nmap find the host that may be filtering ports between two machines? I have a remote host that looks like this: (The 1656 ports scanned but not shown below are in state: filtered) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 53/tcp closed domain 80/tcp open http The remote machine is not dropping/filtering, but some host along the way. I used tcptraceroute to port 80 and the compared that result with a tcptraceroute to a port that is dropping the SYN packets to figure out what host is filtering. I looked over the nmap man page again and didn't see where nmap could do this. I see there's a -ttl option which might be useful. Could nmap, perhaps, change the ttl to locate where the filtering is happening? -- Bill Moseley moseley () hank org --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- Locating filtering hosts Bill Moseley (Sep 27)
- Re: Locating filtering hosts Arturo "Buanzo" Busleiman (Sep 27)