Nmap Development mailing list archives

Re: Nmap Windows Problem

From: David Fifield <david () bamsoftware com>
Date: Tue, 3 Feb 2009 09:07:54 -0700

On Tue, Feb 03, 2009 at 08:51:18PM +1100, Professor 0110 wrote:

Whenever I use Nmap on either my Windows XP or Vista systems and I run a SYN
Scan, Nmap always outputs that EVERY port is open. I don't think this is
normal. How do I fix this without using Linux? I use Nmap 4.76.


Try running with the --reason option. That will add another column to
the output stating why the port is marked open:

# nmap --reason -F scanme.nmap.org
Starting Nmap 4.85BETA3 ( http://nmap.org ) at 2009-02-03 09:04 MST
Interesting ports on scanme.nmap.org (64.13.134.52):
Not shown: 95 filtered ports
Reason: 95 no-responses
PORT    STATE  SERVICE REASON
22/tcp  open   ssh     syn-ack
25/tcp  closed smtp    reset
53/tcp  open   domain  syn-ack
80/tcp  open   http    syn-ack
113/tcp closed auth    reset

If that's not enough information, try the --packet-trace option to see
everything that's sent and received. When you run a UDP scan with -sU
it's normal for every port to be open|filtered, but it's not normal for
every TCP port to be open.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Nmap Windows Problem Professor 0110 (Feb 03)
- Re: Nmap Windows Problem Gisle Vanem (Feb 03)
- Re: Nmap Windows Problem David Fifield (Feb 03)