Re: Fragscan not working?

[Ron <ron () skullsecurity net>]

> From further tests, I can tell that -f works fine, but that something on my network was blocking it (it seems like it 
> was the switch, because I wasn't going through the firewall). 

My bad, false alarm :)

And for what it's worth, a great backup way to test is using hping3 -f, which Brandon suggested to me. 

On Wed, 7 Apr 2010 09:30:01 -0500 Ron <ron () skullsecurity net> wrote:
> My friend reported fragscan (-f) not working on the latest version of
> Nmap. I tried a couple experiments (both against hosts on the local
> network and off the local network) and got absolutely no responses
> (ie, 'no ports open'). 
>
> $ sudo ./nmap -f x.x.x.250
> Starting Nmap 5.30BETA1 ( http://nmap.org ) at 2010-04-07 09:39 CDT
> Nmap scan report for x.x.x.250
> Host is up (0.00045s latency).
> All 1000 scanned ports on x.x.x.250 are filtered
> MAC Address: 00:0B:DB:94:12:58 (Dell ESG Pcba Test)
> Nmap done: 1 IP address (1 host up) scanned in 21.59 seconds
>
>
>
> ron@IPCNESSUS02P:~/tools/nmap$ sudo ./nmap x.x.x.250
> Starting Nmap 5.30BETA1 ( http://nmap.org ) at 2010-04-07 09:40 CDT
> Nmap scan report for x.x.x.250
> Host is up (0.00034s latency).
> Not shown: 990 closed ports
> PORT      STATE SERVICE
> 135/tcp   open  msrpc
> 139/tcp   open  netbios-ssn
> 445/tcp   open  microsoft-ds
> 1025/tcp  open  NFS-or-IIS
> 2161/tcp  open  apc-agent
> 3052/tcp  open  powerchute
> 3389/tcp  open  ms-term-serv
> 13722/tcp open  netbackup
> 13782/tcp open  netbackup
> 13783/tcp open  netbackup
> MAC Address: 00:0B:DB:94:12:58 (Dell ESG Pcba Test)
>
>
> -- 
> Ron Bowes
> http://www.skullsecurity.org
> http://www.twitter.com/iagox86


-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86

Attachment: _bin
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/