Nmap Development mailing list archives
Re: Windows 7
From: Rob Nicholls <robert () robnicholls co uk>
Date: Fri, 04 Feb 2011 09:58:38 +0000
Hi Christo On Fri, 4 Feb 2011 01:01:18 -0800, Christian Savalas wrote:
Despite this, regardless of which address I scan, (even scanme.nmap.org) I am told that 0 hosts are up.
If you add -Pn to the Nmap commands you're running, Nmap will assume the host is up and should attempt to scan the host.
Are you able to use Windows' built in "ping" utility to ping a remote host over the internet? e.g.
ping scanme.nmap.org
Pinging scanme.nmap.org [64.13.134.52] with 32 bytes of data: Reply from 64.13.134.52: bytes=32 time=145ms TTL=50 Reply from 64.13.134.52: bytes=32 time=145ms TTL=50 Reply from 64.13.134.52: bytes=32 time=145ms TTL=50 Reply from 64.13.134.52: bytes=32 time=145ms TTL=50This is one of the checks that Nmap tries to determine if a host is up. If you don't get a response then it's possible that your ISP is filtering ICMP traffic.
Are you able to view http://scanme.nmap.org using your browser? You should get a white page with a message from Fyodor in black text. If you can see this, then you can access port 80/TCP. This is another port that Nmap will try in order to determine whether a host is up. If you can't see the web page then something bad is happening.
Have you tried running Wireshark at the same time as an Nmap scan? This would let you see if packets are sent from or returned to your host. I'd be surprised if Nmap is failing to identify the returned packets, but this might happen if you have teamed NICs, for example.
If you add -d to the Nmap command you'll see some debug information, including a line like:
Packet capture filter (device eth7): dst host xx.xx.xx.xx and (icmp or ((tcp or udp or sctp) and (src host xx.xx.xx.xx)))
If you run "nmap --iflist" you should see a list of interfaces (and routes). It's possible that the correct NIC isn't picked up by Nmap and it's trying to send packets over the wrong interface (and getting nothing back). You can use -e to state the correct interface to use, e.g.
nmap scanme.nmap.org -e eth7
Starting Nmap 5.51SVN ( http://nmap.org ) at 2011-02-04 09:57 GMT Standard Time
Nmap scan report for scanme.nmap.org (64.13.134.52) Host is up (0.15s latency). Not shown: 993 filtered ports PORT STATE SERVICE 22/tcp open ssh 25/tcp closed smtp 53/tcp open domain 70/tcp closed gopher 80/tcp open http 113/tcp closed auth 31337/tcp closed Elite Nmap done: 1 IP address (1 host up) scanned in 10.00 seconds Rob _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Windows 7 Christian Savalas (Feb 04)
- Re: Windows 7 Rob Nicholls (Feb 04)
- Message not available
- Re: Windows 7 Christian Savalas (Feb 04)
- Message not available
- Message not available
- Message not available
- Re: Windows 7 Christian Savalas (Feb 04)
- RE: Windows 7 Rob Nicholls (Feb 04)
- Re: Windows 7 Christian Savalas (Feb 04)
- RE: Windows 7 Rob Nicholls (Feb 04)
- Re: Windows 7 Christian Savalas (Feb 04)
- Re: Windows 7 Christian Savalas (Feb 04)
- RE: Windows 7 Rob Nicholls (Feb 04)
- Re: Windows 7 David Fifield (Feb 09)
- Re: Windows 7 Christian Savalas (Feb 10)
- Re: Windows 7 Rob Nicholls (Feb 04)