Nmap Development mailing list archives

Re: nmap not working properly...showing ports as filtered, but ncat banner grab works

From: Robin Wood <robin () digininja org>
Date: Mon, 16 Jan 2012 09:40:39 +0000

On 16 January 2012 08:59, Joseph McCray <joe () strategicsec com> wrote:

Building a box right now. Any IP that I scan comes back as ports being
filtered, but ncat allows me to bannergrab the host.



Never seen that before. It does this for any port on any IP - ncat
bannergrab works, but not a portscan. Any ideas?



root@shrek:~# ncat 69.163.181.91 22     <-- This works fine

SSH-2.0-OpenSSH_5.1p1 Debian-5



root@shrek:~# nmap -PN -sV -p 22 69.163.181.91             <-- This doesn't
work - always shows filtered



PORT   STATE    SERVICE

22/tcp filtered ssh



Nmap done: 1 IP address (1 host up) scanned in 2.10 seconds







Below is my system info:

---------------------------------



root@shrek:~# cat /etc/issue

Ubuntu 11.04 \n \l



root@shrek:~# uname -a

Linux shrek.xxxxxxxxx.xxx 2.6.18-028stab095.1 #1 SMP Mon Oct 24 20:15:15 MSD
2011 i686 i686 i386 GNU/Linux





root@shrek:~# nmap -V



Nmap version 5.21 ( http://nmap.org )





root@shrek:~# dpkg --get-selections | grep pcap

libpcap0.8                                      install





root@shrek:~# /sbin/iptables -L

Chain INPUT (policy ACCEPT)

target     prot opt source               destination



Chain FORWARD (policy ACCEPT)

target     prot opt source               destination



Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination


nmap works fine from here:

 nmap -PN -sV -p 22 69.163.181.91

Starting Nmap 5.21 ( http://nmap.org ) at 2012-01-16 09:39 GMT
Nmap scan report for apache2-grog.argonauts.dreamhost.com (69.163.181.91)
Host is up (0.16s latency).
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 5.1p1 Debian 5 (protocol 2.0)
Service Info: OS: Linux

Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.96 seconds

Robin
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Robin Wood (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Hani Benhabiles (Jan 16)
  - RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works David Fifield (Jan 16)
  - RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
    - Re: nmap not working properly...showing ports as filtered, but ncat banner grab works 'David Fifield' (Jan 20)
  - RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)