Home page logo

nmap-dev logo Nmap Development mailing list archives

Strange NMAP 4.0 Behavior
From: kx <kxmail () gmail com>
Date: Mon, 20 Feb 2006 19:54:58 -0500

  The default scan when not specified is -sS -F. If you only wanted to
do an ICMP Echo Ping Scan and no more, use -sP -PE.

  So while there is no bug, I looked over the man pages and nmap's
defaults are not explicitly detailed in any section.

  For the novice, it is not clear what actions the command "nmap
scanme.insecure.org" will invoke. Maybe we (the nmap community) can
work on documenting that better, especially with the recent additions
of things like nmap's own ARP stack, and DNS resolution.

Thanks for the feedback.

On 2/20/06, Derek Nash <ddnash () gmail com> wrote:
I was just noticing when running an ICMP Echo scan (-PE) in NMAP
version 4.00 that it seems to be including a SYN scan on all Service
ports (-sS -F) scan as part of this scan type. I have witnessed this
on 2 separate installs and systems, I couldn't find documentation that
states this is a new default behavior.

Has anyone else witnessed this strange behavior? If this is a new
default behavior does anyone know if this behavior is defeatable?

This seems like a bug to me, but I thought I would post here prior to
submitting a bug report.

Sent through the nmap-dev mailing list

  By Date           By Thread  

Current thread:
  • Strange NMAP 4.0 Behavior kx (Feb 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]