Nmap Development mailing list archives

Re: Nmap - Mind of it's own.


From: Kris Katterjohn <katterjohn () gmail com>
Date: Fri, 26 Sep 2008 15:04:12 -0500


Xia Shing Zee wrote:
> nmap -v -v -iR 100 -PN -p 21 --open
>
> When using the above command, it appears that Nmap will start to show open
> FTP ports (Port 21), however, when the scan is complete, it will show many
> filtered ports that were specified not to be shown.
>
> Is this a bug or is the command inputted wrongly? I sense Nmap has a mind of
> its own.


I ran your command and here's a snippet of the output:


Host x.x.x.x appears to be up ... good.
Scanned at 2008-09-26 14:52:06 CDT for 3s
Interesting ports on x.x.x.x:
PORT   STATE SERVICE
21/tcp open  ftp

Host y.y.y.y appears to be up ... good.
The 1 scanned port on y.y.y.y is filtered

Host z.z.z.z appears to be up ... good.
The 1 scanned port on z.z.z.z is filtered


Is this what you're referring to?

I don't feel this is a bug because the filtered ports are not shown in an
output table like open ones.  They are in a consolidated "extra ports" group
like I think they should be.

You can see this by comparing the XML output of a scan with and without --open.

Here is a filtered port without --open:


<ports><port protocol="tcp" portid="21"><state state="filtered"
reason="no-response" reason_ttl="0"/><service name="ftp" method="table"
conf="3" /></port>


And with --open:


<ports><extraports state="filtered" count="1">
<extrareasons reason="no-response" count="1"/>
</extraports>


> -Xia Shing Zee


Thanks,
Kris Katterjohn

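An added example, not part of the original message and not Nmap's own code: a script that reads Nmap XML output has to count ports from both the individual <port> entries and the consolidated <extraports> group, otherwise its totals change depending on whether --open was used. The two sample documents are constructed around the fragments quoted in the message; the surrounding <nmaprun>/<host>/<address> wrapping, the second host and the addresses are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample documents built around the two fragments quoted in the
# message; addresses are from the 192.0.2.0/24 documentation range.
WITHOUT_OPEN = """<nmaprun>
<host><address addr="192.0.2.10" addrtype="ipv4"/>
<ports><port protocol="tcp" portid="21"><state state="filtered"
reason="no-response" reason_ttl="0"/><service name="ftp" method="table"
conf="3" /></port></ports></host>
</nmaprun>"""

WITH_OPEN = """<nmaprun>
<host><address addr="192.0.2.10" addrtype="ipv4"/>
<ports><extraports state="filtered" count="1">
<extrareasons reason="no-response" count="1"/>
</extraports></ports></host>
<host><address addr="192.0.2.20" addrtype="ipv4"/>
<ports><port protocol="tcp" portid="21"><state state="open"
reason="syn-ack" reason_ttl="52"/><service name="ftp" method="table"
conf="3" /></port></ports></host>
</nmaprun>"""


def port_states(xml_text):
    """Return {address: Counter(state -> port count)} for every host."""
    result = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "unknown"
        states = Counter()
        # Ports listed individually in the output table.
        for port in host.iterfind("ports/port"):
            state = port.find("state")
            if state is not None:
                states[state.get("state")] += 1
        # Ports consolidated into the "extra ports" group.
        for extra in host.iterfind("ports/extraports"):
            states[extra.get("state")] += int(extra.get("count", "0"))
        result[addr] = states
    return result


def hosts_with_open(xml_text):
    """Addresses that have at least one port in the open state."""
    return sorted(a for a, s in port_states(xml_text).items() if s["open"] > 0)
```
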
