Re: Bug in output reporting of open ports

[David Fifield <david () bamsoftware com>]

On Mon, Jul 18, 2011 at 04:46:18PM +0200, Roberto Bonalumi wrote:
> Hello,
> after some testing and documentation reading, I am quite confident that I
> found a bug in output creation. Here follows the bug description:
>
> Nmap version 5.51 with Zenmap installed
> OS Windows XP Professional SP3
>
> I started nmap with the following command:
>
> *nmap -sS -sU -p 1-65535 -T5 -v -v -v -v -n -oN output.nmap -oX output.xml
> -Pn 192.168.xxx.0/24*
>
> where 192.168.xxx.0/24 is a different subnet from the local one.
>
> Interactive output correctly shows there are some open ports on some hosts.
> Normal output and XML output does *NOT *report any open port - and this is
> the bug.
>
> This bug implies that If you need to use nmap to check whether two different
> subnets are correctly isolated or not, you cannot rely on normal or XML
> output, but you need to capture the interactive output.
>
> Please note that i found the same bug on the same system without using
> Zenmap, and also using nmap version 4.62 on a Linux box.

Thank you for making this report. Please send us output samples so we
can see more clearly what you are describing. Include the section of
interactive output that shows the open port, and the section for for
each of the affected hosts in normal and XML output.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/