|
Nmap Development
mailing list archives
nmap v 3.20 false positives
From: "Brian G. Kirsch" <bkirsch () olosec com>
Date: Tue, 20 May 2003 13:18:36 -0700 (PDT)
I ran the following test (nmap v. 3.20 on RH 7.3):
nmap -T Normal -P0 -p1-15000 ip.addr.to.scan
and got the following output:
Interesting ports on host.domain.com (ip.addr.to.scan):
(The 14992 ports scanned but not shown below are in state: filtered)
Port State Service
22/tcp open ssh
80/tcp open http
902/tcp open unknown
4002/tcp open unknown
6931/tcp open unknown
7881/tcp open unknown
9163/tcp open unknown
14129/tcp open unknown
# Nmap run completed -- 1 IP address (1 host up) scanned in 17133.450 seconds
(NOTE THE LONG TIME TO COMPLETE)
The trouble is, that only two of these ports are actually open:
nmap -P0
-p20-25,75-85,900-905,4000-4005,6930-6935,7880-7885,9160-9165,14125-14130
ip.addr.to.scan
Starting nmap 3.20 ( www.insecure.org/nmap/ ) at 2003-05-20 13:11 PDT
Interesting ports on host.domain.com (ip.addr.to.scan):
(The 51 ports scanned but not shown below are in state: filtered)
Port State Service
22/tcp open ssh
80/tcp open http
Nmap run completed -- 1 IP address (1 host up) scanned in 3.263 seconds
In advance of any replies, I will be upgrading to nmap v. 3.27-1...
Thanks,
Brian
--
Brian Kirsch
---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
 By Date 
By Thread
Current thread:
- nmap v 3.20 false positives Brian G. Kirsch (May 20)
|
Intro
