Re: Bug with nmap 6.00

[David Fifield <david () bamsoftware com>]

On Fri, May 25, 2012 at 10:28:35AM +0100, Rob Shapland wrote:
> Hi,
>
> I'm having an issue with the latest version of nmap, that is not a problem
> in version 5.51.
>
> - Doing a -sS scan of port 3389/tcp on my target in nmap 6.00, the port is
> returned as filtered.
>
> - Doing *exactly *the same scan with nmap 5.51, port is returned as open.
>
> - A -sT scan returns port as open with both versions.
>
> - Full scan settings: nmap -sS -PN <target> -p3389.
>
> - Using Wireshark to capture the traffic, in version 5.51 the syn, syn ack
> and RST packets can be seen. Doing the same in nmap 6.00, no packets at all
> are captured being sent to or from the target.
>
> - Operating system of my machine is Windows 7 Professional 64 bit, winpcap
> version is 4.1.2. Wireshark 1.6.8 Rev 42761. Windows Firewall is switched
> off, no other firewall software.
>
> If you need any further information (I can't reveal the target IP address)
> please feel free to contact me. For the moment I will revert to nmap 5.51.

Is is only this one port on this one target, or do all ports on all
targets come up as filtered? Does it happen on with targets on the same
subnet, or also with targets that have to be routed (e.g.
scanme.nmap.org)?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/