Re: weird nmap problems

[Jon Passki <jon.passki () hursk com>]

On Jul 11, 2006, at 10:40 PM, Joshua Perrymon wrote:

> [root@agentdev root]# nmap www. <http://www.xxx.com> xxx.com -p 80
>
> Starting Nmap 3.95 (  <http://www.insecure.org/nmap/>
> http://www.insecure.org/nmap/ ) at 2006-07-12 12:53 EST
> Interesting ports on  <ftp://ftp.xxxx.com> ftp.xxxx.com (xx.xx.xx.xx):
> PORT   STATE    SERVICE
> 80/tcp filtered http
>
> Nmap finished: 1 IP address (1 host up) scanned in 0.368 seconds
> [root@agentdev root]# nmap  <http://www.xxxxx.com> www.xxxxx.com -p  
> 80 -P0
>
> Starting Nmap 3.95 (  <http://www.insecure.org/nmap/>
> http://www.insecure.org/nmap/ ) at 2006-07-12 12:53 EST
> Interesting ports on  <ftp://ftp.xxxxxx.com> ftp.xxxxxx.com (xx.xx. 
> 254.253):
> PORT   STATE SERVICE
> 80/tcp open  http
>
>
> It seems that the scan returns filtered with this command
>     [root@agentdev root]# nmap  <http://www.xxx.com/> www.xxx.com - 
> p 80
>
> But If I add the -P0 switch it comes back with an open port?????
>
> Is this something on my network or nmap?

By default, nmap will try to discover if the host is active before  
scanning, which (by default) uses the ICMP echo request / reply  
method.  If the host is not discovered, nmap will consider the host  
not up (and all ports on it filtered).  When you specified -P0, you  
requested nmap to skip the host discovery phase and perform the TCP  
connect scan (default scan type) on the port specified.  Clear as  
mud, eh? ;-)  So, the results you had in all cases are expected and  
nmap is performing correctly.


> Thanks!

NP!

Jon



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev