Nmap Development mailing list archives

Re: default host detection


From: David Fifield <david () bamsoftware com>
Date: Tue, 9 May 2017 18:16:16 -0700

On Tue, May 09, 2017 at 08:08:51PM +0000, Robin Wood wrote:
> If I run the command
>
> nmap -p 445 1.2.3.4
>
> what host detection should nmap use to decide if the host is up before it
> checks the ports? I would have assumed that one of the checks would be to ping
> it but if you look at the attached screenshot, I ping the host and get a reply,
> nmap then says that it is down, I ping again, still have replies, I then scan
> with -P0 and I get the response I'm expecting, that the port is open.

If you're running as nonroot, then host discovery is just a connect
request to ports 80 and 443. ICMP echo only happens when running as
root.

If you want to use different ports for host discovery, you can do it
like this:
        nmap -PS445,9999 1.2.3.4

--packet-trace will show exactly what probes are being sent.
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
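
The non-root discovery decision described in the reply above, as an added Python example that is not part of the original thread and is not Nmap's code. The function names are hypothetical, and treating a refused connection as proof the host is up is an assumption based on Nmap's documented connect-based `-PS` behaviour.

```python
import socket

DEFAULT_PORTS = (80, 443)  # ports the reply names for non-root host discovery


def probe(host, port, timeout=1.0):
    """One TCP connect probe: 'open', 'closed' (RST) or 'no-response'."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"
        except ConnectionRefusedError:
            return "closed"        # a RST still proves something answered
        except OSError:
            return "no-response"   # timeout, unreachable or filtered


def is_up(results):
    """Host counts as up if any probe got an answer, open or refused."""
    return any(state in ("open", "closed") for state in results.values())


def discover(host, ports=DEFAULT_PORTS, timeout=1.0):
    """Probe each port and return (up, per-port results)."""
    results = {p: probe(host, p, timeout) for p in ports}
    return is_up(results), results


if __name__ == "__main__":
    # Constructed loopback demo: one listening port and one closed port.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]
    tmp = socket.socket()
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()
    print(discover("127.0.0.1", (open_port, closed_port)))
    # Constructed case matching the thread: 80 and 443 stay silent, so the
    # host is judged down even though it answers ping and has 445 open.
    print(is_up({80: "no-response", 443: "no-response"}))
    listener.close()
```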