Re: nmap not working properly...showing ports as filtered, but ncat banner grab works

[Hani Benhabiles <kroosec () gmail com>]

Works fine for me.

hani@JustD:~$ nmap -PN -sV -p 22 69.163.181.91

Starting Nmap 5.61TEST3 ( http://nmap.org ) at 2012-01-16 15:04 CET
Nmap scan report for apache2-grog.argonauts.dreamhost.com (69.163.181.91)
Host is up (0.19s latency).
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 5.1p1 Debian 5 (protocol 2.0)
Service Info: OS: Linux; CPE: cpe:/o:linux:kernel


Try to use the latest version.

Cheers,
Hani.


On Mon, Jan 16, 2012 at 9:59 AM, Joseph McCray <joe () strategicsec com> wrote:

> Building a box right now. Any IP that I scan comes back as ports being
> filtered, but ncat allows me to bannergrab the host.
>
>
>
> Never seen that before. It does this for any port on any IP - ncat
> bannergrab works, but not a portscan. Any ideas?
>
>
>
> root@shrek:~# ncat 69.163.181.91 22     <-- This works fine
>
> SSH-2.0-OpenSSH_5.1p1 Debian-5
>
>
>
> root@shrek:~# nmap -PN -sV -p 22 69.163.181.91             <-- This
> doesn't
> work - always shows filtered
>
>
>
> PORT   STATE    SERVICE
>
> 22/tcp filtered ssh
>
>
>
> Nmap done: 1 IP address (1 host up) scanned in 2.10 seconds
>
>
>
>
>
>
>
> Below is my system info:
>
> ---------------------------------
>
>
>
> root@shrek:~# cat /etc/issue
>
> Ubuntu 11.04 \n \l
>
>
>
> root@shrek:~# uname -a
>
> Linux shrek.xxxxxxxxx.xxx 2.6.18-028stab095.1 #1 SMP Mon Oct 24 20:15:15
> MSD
> 2011 i686 i686 i386 GNU/Linux
>
>
>
>
>
> root@shrek:~# nmap -V
>
>
>
> Nmap version 5.21 ( http://nmap.org )
>
>
>
>
>
> root@shrek:~# dpkg --get-selections | grep pcap
>
> libpcap0.8                                      install
>
>
>
>
>
> root@shrek:~# /sbin/iptables -L
>
> Chain INPUT (policy ACCEPT)
>
> target     prot opt source               destination
>
>
>
> Chain FORWARD (policy ACCEPT)
>
> target     prot opt source               destination
>
>
>
> Chain OUTPUT (policy ACCEPT)
>
> target     prot opt source               destination
>
>
>
>
>
>
>
>
>
>
>
> Joe McCray
>
>
>
> Toll Free:             1-866-892-2132
>
> Email:                 joe () strategicsec com
>
> LinkedIn:              http://www.linkedin.com/in/joemccray
>
> Twitter:               http://twitter.com/j0emccray
>
> Slideshare:            http://www.slideshare.net/joemccray
>
> GPG Key:               http://strategicsec.com/JoeStrategicSec_Public.key
>
> Website:               http://strategicsec.com
>
>
>
>
>
>
>
> When NASA began the launch of astronauts into space, they found out that
>
> the pens wouldn't work at zero gravity (ink won't flow down to the
>
> writing surface). To solve this problem, it took them one decade and $12
>
> million. They developed a pen that worked at zero gravity, upside down,
>
> underwater, in practically any surface including crystal and in a
>
> temperature range from below freezing to over 300 degrees C.
>
>
>
> And what did the Russians do...?? They used a pencil.
>
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/



-- 
M. Hani Benhabiles
OWASP Algeria SC founder and president.
Email: hani.benhabiles () owasp org

Blog: http://kroosec.blogspot.com
Twitter: kroosec <https://twitter.com/#%21/kroosec>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/