Nmap Development mailing list archives

RE: Nmap 4.75 Posted!


From: Aaron Leininger <rilian4 () hotmail com>
Date: Mon, 8 Sep 2008 09:37:41 -0700

Nmap 4.75 compiles fine on my Debian box. I ran it on a box on my network and got the following:
$ sudo nmap -sS my_target

Starting Nmap 4.75 ( http://nmap.org ) at 2008-09-08 09:27 PDT
Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and 
consistency reasons.  set NMAPDIR=. to give priority to files in your local directory (may affect the other data files 
too).
Interesting ports on ths-aleininger-desktop.ttsd.k12.or.us (my_target):
Not shown: 986 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1049/tcp  open  unknown
1050/tcp  open  java-or-OTGfileshare
2701/tcp  open  unknown
2702/tcp  open  unknown
5800/tcp  open  vnc-http
5900/tcp  open  vnc
8192/tcp  open  unknown
8193/tcp  open  unknown
8194/tcp  open  unknown
16992/tcp open  unknown
16993/tcp open  unknown
MAC Address: 00:1C:C0:4E:3A:E7 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 1.56 seconds


Compare that to the output of nmap 4.68 using the same command and same host:
-------------------------------------------------------------------------------------------------
Starting Nmap 4.68 ( http://nmap.org ) at 2008-09-08 09:31 PDT
Interesting ports on my_target:
Not shown: 1709 closed ports
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1050/tcp open  java-or-OTGfileshare
5800/tcp open  vnc-http
5900/tcp open  vnc

Nmap done: 1 IP address (1 host up) scanned in 1.385 seconds

I ran a test with hping on port 16992 shown in 4.75 as open with the following results:
# hping -S -p 16992 -c 1 my_target
HPING 10.4.0.106 (eth0 10.4.0.106): S set, 40 headers + 0 data bytes
len=46 ip=10.4.0.106 ttl=128 DF id=16544 sport=16992 flags=SA seq=0 win=64512 rtt=0.5 ms

It did come back with SYN and ACK flagged, so it seems as if 4.75 is correct. What is odd is that 4.68 doesn't show those ports. Is 4.75 set to scan a larger range of ports by default?
Aaron


Hi folks.  Nobody found any show-stopping bugs in the last 24 hours,
so I've built version 4.75 and posted it to the download page!

http://nmap.org/download.html

Please give it a try and report any problems, as we still have a
little bit of time left before I announce it to nmap-hackers... 



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
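
Added example (not part of the original message or of Nmap itself): a short Python script that parses the two port tables quoted above and reports which open ports appear only in the 4.75 report, and how many ports each scan covered in total (listed ports plus the "Not shown" count). The function names are hypothetical, and the embedded reports are copied from the message with the header lines trimmed.

```python
import re

# Sample input: the port tables from the two reports in the message above.
REPORT_475 = """Not shown: 986 closed ports
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1049/tcp  open  unknown
1050/tcp  open  java-or-OTGfileshare
2701/tcp  open  unknown
2702/tcp  open  unknown
5800/tcp  open  vnc-http
5900/tcp  open  vnc
8192/tcp  open  unknown
8193/tcp  open  unknown
8194/tcp  open  unknown
16992/tcp open  unknown
16993/tcp open  unknown
"""
REPORT_468 = """Not shown: 1709 closed ports
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1050/tcp open  java-or-OTGfileshare
5800/tcp open  vnc-http
5900/tcp open  vnc
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)", re.M)   # e.g. "135/tcp  open"
HIDDEN_RE = re.compile(r"^Not shown: (\d+) ", re.M)       # single-state form shown above

def parse(report):
    """Return (set of open (port, proto) pairs, total ports the scan covered)."""
    rows = PORT_RE.findall(report)
    hidden = sum(int(n) for n in HIDDEN_RE.findall(report))
    open_ports = {(int(p), proto) for p, proto, state in rows if state == "open"}
    return open_ports, len(rows) + hidden

def compare(old, new):
    """Open ports listed only in `new`, plus the total covered by each scan."""
    old_open, old_total = parse(old)
    new_open, new_total = parse(new)
    return sorted(new_open - old_open), old_total, new_total

if __name__ == "__main__":
    added, old_total, new_total = compare(REPORT_468, REPORT_475)
    print(f"ports covered: 4.68={old_total}  4.75={new_total}")
    print("open only in 4.75:", ", ".join(f"{p}/{proto}" for p, proto in added))
```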

