Well maybe there's some kind of IPS/firewall that detects portscans and
starts dropping packets? Try doing a much slower scan and see what
results you get. Or try something like
nmap -sS -P0 -r -p10443-65535 xx.xx.xx.yy -T4
On Sun, 14 Jan 2007 17:19:48 -0500, frenzie_at_pop.powweb.com said:
> I have had some abnormal results using nmap 4.10 to do a syn TCP scan on
> a particuylar external network range. When i ran the scan as a full port
> scan of 0-65535, all ports are found to be filtered. Yet we know that
> port 10443 is open, and when i do a scan on that port, it is found to be
> open.
>
> This has meant a number of open ports have been missed in scanning this
> range.
>
> Is there something obvious that i have omitted, other more usual ports
> were found open on other hosts.
>
> ----------------------------------------------------------------
> # Nmap 4.10 scan: nmap -sS -P0 -p0-65535 -T4 -oA outputfile
> xx.xx.xx.xx/24
>
> All 65536 scanned ports on host (xx.xx.xx.yy) are filtered
> ----------------------------------------------------------------
>
> ----------------------------------------------------------------
> nmap -sS -P0 -p10443 xx.xx.xx.yy -T4
> Starting Nmap 4.10
>
> Interesting ports on host (xx.xx.xx.yy):
> PORT STATE SERVICE
> 10443/tcp open unknown
>
> Nmap finished: 1 IP address (1 host up) scanned in 4.560 seconds
> ----------------------------------------------------------------
>
> thanks for your time
> Shanna
>
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org
--
Hans Nilsson
hasse_gg_at_ftml.net
--
http://www.fastmail.fm - Access your email from home and the web
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Jan 14 2007
Intro
