Re: Maybe bug, with -sP und ASA sending RST for denied networks

On Thu, Oct 18, 2007 at 11:22:01AM +0200, Pluto wrote:
> Salve,
>
> maybe old stuff, just happened to me and can't find something in the docs
> or elsewhere. When dong the -sP with an ASA in between you and the target,
> the tcp-syn on port 80 will be answered by a RST from the ASA, thereby making
> nmap think the host is responding and alive. Of course the results of such
> a scan are basically useless then.
>
> Would it be possible to ignore RST in such a szenario? Or have a command
> line switch to trigger this?

That can be a problem with port 80. You may want to try a different
type of ping scan (such as ICMP only) or change the TCP ping probe
port(s).

-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Oct 22 2007