Penetration Testing mailing list archives
Re: nmap
From: "kevin horvath" <kevin.horvath () gmail com>
Date: Tue, 29 Jul 2008 20:59:58 -0400
-P0 and -PN are the same thing; it just changed in the newer version of nmap. Most likely you are running into some form of reverse proxy, be it a load balancer or application layer firewall. Essentially it responds to all ports as being open and then denies or permits all traffic depending on the traffic. Although this is pretty odd, as most are configured to drop a packet altogether or send a RST packet back to kill the connection so that its state tables don't fill up.

On Tue, Jul 29, 2008 at 4:54 PM, Fábio Russo <fabio.contin.russo () gmail com> wrote:

> 2008/7/29 Fábio Russo <fabio.contin.russo () gmail com>
> Hi dude,
> What happens if you try with the '-P0' switch? I believe you should've tried something like this: 'nmap -vsS -P0 <address>', because the '-PN' switch will only treat the host as online. I don't think it is gonna work, but it's only a guess. I hope it's useful...
>
> 2008/7/29 Michael Kitange <michaelkitange () gmail com>
> > hi, I tried to nmap a site and it said that the pings are blocked and I had to use the '-PN' switch. Well, the result which I got was that all the ports were open, though if I telnet to those ports, they appear to be closed. Can that be done, fooling that all ports are open on the server? If it can be, then how?

------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
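The symptom the thread describes (a SYN scan reporting every port open because a load balancer or application-layer firewall answers SYN/ACK for everything, while a full TCP connect to those ports goes nowhere) is worth catching automatically when you review scan output of your own perimeter. The script below is an added example written for this page; it is not code from the thread or from the nmap project. It parses nmap grepable output (-oG) as I understand its format, flags hosts where (nearly) every probed port is "open", and offers a full-connect second opinion equivalent to the manual telnet check in the thread. The sample lines, the 0.98 threshold and the function names are my own constructions and assumptions.

```python
"""Flag nmap scans where every probed port comes back "open", which on a
SYN-proxying load balancer or application-layer firewall means the device
answered SYN/ACK for everything and the result says nothing about the real
host. Works on nmap grepable output (-oG). Added example; the sample lines
below are constructed, not real scan data."""
import re
import socket
from dataclasses import dataclass

# "22/open/tcp//ssh///" -> (port, state, protocol); assumed -oG field layout
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)/")
# nmap folds the most common state into "Ignored State: <state> (<count>)"
IGNORED_RE = re.compile(r"Ignored State: (\w+) \((\d+)\)")


@dataclass
class HostSummary:
    host: str
    open_ports: int
    total_ports: int

    @property
    def open_ratio(self) -> float:
        return self.open_ports / self.total_ports if self.total_ports else 0.0


def parse_grepable_host(line: str) -> HostSummary:
    """Parse one 'Host:' line of nmap -oG output, counting both the ports
    listed explicitly and the ones folded into 'Ignored State'."""
    host = line.split()[1]
    states = [state for _, state, _ in PORT_RE.findall(line)]
    open_ports = sum(1 for s in states if s == "open")
    total = len(states)
    m = IGNORED_RE.search(line)
    if m:
        state, count = m.group(1), int(m.group(2))
        total += count
        if state == "open":
            open_ports += count
    return HostSummary(host, open_ports, total)


def looks_syn_proxied(summary: HostSummary, threshold: float = 0.98) -> bool:
    """Nearly every probed port 'open' is the signature of an intermediary
    that accepts every connection and decides later. Threshold is assumed."""
    return summary.total_ports >= 20 and summary.open_ratio >= threshold


def verify_port(host: str, port: int, timeout: float = 3.0) -> str:
    """Second opinion with a full TCP connect (what telnet does by hand).
    Returns one of:
      'refused'        RST to the SYN: really closed
      'timeout'        no answer at all: filtered
      'reset'          handshake completed, then the peer tore it down
      'closed-by-peer' handshake completed, peer sent FIN without data
      'silent'         handshake completed, nothing sent within the timeout
      'banner:<text>'  a real service spoke first
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                data = s.recv(256)
            except (socket.timeout, TimeoutError):
                return "silent"
            except ConnectionResetError:
                return "reset"
            if not data:
                return "closed-by-peer"
            return "banner:" + data[:32].decode("latin-1")
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except OSError as e:
        return f"error:{e.errno}"


# Constructed sample output in -oG form (not a real scan): a normal host and
# one where a SYN proxy answered "open" for all 1000 default ports.
SAMPLE_NORMAL = ("Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, "
                 "80/open/tcp//http///, 443/open/tcp//https///"
                 "\tIgnored State: closed (997)")
SAMPLE_PROXIED = ("Host: 192.0.2.20 ()\tPorts: 22/open/tcp//ssh///"
                  "\tIgnored State: open (999)")


if __name__ == "__main__":
    for line in (SAMPLE_NORMAL, SAMPLE_PROXIED):
        s = parse_grepable_host(line)
        verdict = "suspicious: all ports open" if looks_syn_proxied(s) else "ok"
        print(f"{s.host}: {s.open_ports}/{s.total_ports} open -> {verdict}")
```

When a host is flagged, run verify_port() against a handful of the reported ports from the same vantage point as the scan: a 'refused' or 'closed-by-peer' result on ports nmap called open confirms that something in front of the host, not the host itself, completed the handshake.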