Nmap Development mailing list archives

RE: nmap not working properly...showing ports as filtered, but ncat banner grab works

From: "Joseph McCray" <joe () strategicsec com>
Date: Mon, 16 Jan 2012 15:43:31 -0500

I think I wasn't very clear.I don't think nmap is broken (as a whole), I
think there is a misconfiguration on my host.

 

I will try to rebuild from source instead of apt-get.

 

Joe McCray

 

Toll Free:             1-866-892-2132            

Email:                 joe () strategicsec com

LinkedIn:              http://www.linkedin.com/in/joemccray

Twitter:               http://twitter.com/j0emccray

Slideshare:            http://www.slideshare.net/joemccray

GPG Key:               http://strategicsec.com/JoeStrategicSec_Public.key

Website:               http://strategicsec.com

 

 

 

When NASA began the launch of astronauts into space, they found out that

the pens wouldn't work at zero gravity (ink won't flow down to the

writing surface). To solve this problem, it took them one decade and $12

million. They developed a pen that worked at zero gravity, upside down,

underwater, in practically any surface including crystal and in a

temperature range from below freezing to over 300 degrees C. 

 

And what did the Russians do...?? They used a pencil.

 

From: Hani Benhabiles [mailto:kroosec () gmail com] 
Sent: Monday, January 16, 2012 9:07 AM
To: Joseph McCray
Cc: nmap-dev () insecure org
Subject: Re: nmap not working properly...showing ports as filtered, but ncat
banner grab works

 

Works fine for me.

hani@JustD:~$ nmap -PN -sV -p 22 69.163.181.91

Starting Nmap 5.61TEST3 ( http://nmap.org ) at 2012-01-16 15:04 CET
Nmap scan report for apache2-grog.argonauts.dreamhost.com (69.163.181.91)
Host is up (0.19s latency).
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 5.1p1 Debian 5 (protocol 2.0)
Service Info: OS: Linux; CPE: cpe:/o:linux:kernel


Try to use the latest version.

Cheers,
Hani.



On Mon, Jan 16, 2012 at 9:59 AM, Joseph McCray <joe () strategicsec com> wrote:

Building a box right now. Any IP that I scan comes back as ports being
filtered, but ncat allows me to bannergrab the host.



Never seen that before. It does this for any port on any IP - ncat
bannergrab works, but not a portscan. Any ideas?



root@shrek:~# ncat 69.163.181.91 22     <-- This works fine

SSH-2.0-OpenSSH_5.1p1 Debian-5



root@shrek:~# nmap -PN -sV -p 22 69.163.181.91             <-- This doesn't
work - always shows filtered



PORT   STATE    SERVICE

22/tcp filtered ssh



Nmap done: 1 IP address (1 host up) scanned in 2.10 seconds







Below is my system info:

---------------------------------



root@shrek:~# cat /etc/issue

Ubuntu 11.04 \n \l



root@shrek:~# uname -a

Linux shrek.xxxxxxxxx.xxx 2.6.18-028stab095.1 #1 SMP Mon Oct 24 20:15:15 MSD
2011 i686 i686 i386 GNU/Linux





root@shrek:~# nmap -V



Nmap version 5.21 ( http://nmap.org )





root@shrek:~# dpkg --get-selections | grep pcap

libpcap0.8                                      install





root@shrek:~# /sbin/iptables -L

Chain INPUT (policy ACCEPT)

target     prot opt source               destination



Chain FORWARD (policy ACCEPT)

target     prot opt source               destination



Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination











Joe McCray



Toll Free:             1-866-892-2132

Email:                 joe () strategicsec com

LinkedIn:              http://www.linkedin.com/in/joemccray

Twitter:               http://twitter.com/j0emccray

Slideshare:            http://www.slideshare.net/joemccray

GPG Key:               http://strategicsec.com/JoeStrategicSec_Public.key

Website:               http://strategicsec.com







When NASA began the launch of astronauts into space, they found out that

the pens wouldn't work at zero gravity (ink won't flow down to the

writing surface). To solve this problem, it took them one decade and $12

million. They developed a pen that worked at zero gravity, upside down,

underwater, in practically any surface including crystal and in a

temperature range from below freezing to over 300 degrees C.



And what did the Russians do...?? They used a pencil.



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/




-- 

M. Hani Benhabiles
OWASP Algeria SC founder and president.
Email: hani.benhabiles () owasp org

Blog: http://kroosec.blogspot.com
Twitter: kroosec <https://twitter.com/#%21/kroosec> 

 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Robin Wood (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works Hani Benhabiles (Jan 16)
  - RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
- Re: nmap not working properly...showing ports as filtered, but ncat banner grab works David Fifield (Jan 16)
  - RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)
    - Re: nmap not working properly...showing ports as filtered, but ncat banner grab works 'David Fifield' (Jan 20)
  - RE: nmap not working properly...showing ports as filtered, but ncat banner grab works Joseph McCray (Jan 16)