Nmap Development mailing list archives
Re: d2 and closed ports output
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 4 May 2016 09:57:12 -0500
Mike, On Thu, Apr 21, 2016 at 10:58 PM, Mike . <dmciscobgp () hotmail com> wrote:
hello just wondering if there is any way i scan and keep the d2 output for debugging but also able to omit the "Discovered closed port" long list i get back after the scan, because it "covers up" the actual result. i tried -open but the d2 overrides that. prob something simple for a fix that i am not aware of. anyone know?
The easiest way to do this would be to filter the results after scanning to exclude lines you don't want. IIRC you are on Windows, so the command might be: findstr /v /c:"Discovered closed" output.txt | findstr /v /c:"/[ut][dc]p *closed" > stripped.txt On GNU or Unix systems, you could use grep: grep -v -e "^Discovered closed" -e "/[ut][dc]p *closed" output.txt > stripped.txt
last issue , and a bizare one. i have a simple CISCO SPTVG router alot of people have. i always have 80 open for the config page and i can always connect to it to make changes from my end. however, i have noticed, right after a simple -sV scan, just querying that port...i then get a FILTERED for my router on that port and the router literally has to be reset to get it open again. why is this?
Nmap's service scan (-sV) sends lots of probes to unknown services, and some poorly-written services crash when these probes are received. Embedded systems like home routers, IoT devices, medical devices, and industrial control systems are particularly frequent victims of this effect. There's really no excuse because these probes have been public for decades. If you can manage to get a service fingerprint from this service, please submit it at https://nmap.org/submit/ so that future scans will stop after correctly identifying the service, without continuing on to use more unusual probes that are probably causing the crash. Dan
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- d2 and closed ports output Mike . (Apr 21)
- Re: d2 and closed ports output Daniel Miller (May 04)