Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: Maybe bug, with -sP und ASA sending RST for denied networks

Re: Maybe bug, with -sP und ASA sending RST for denied networks

From: Pluto <pluto_at_stderr.de>
Date: Wed, 24 Oct 2007 12:44:01 +0200

On Mon, Oct 22, 2007 at 04:47:12PM -0700, Fyodor wrote:
> On Thu, Oct 18, 2007 at 11:22:01AM +0200, Pluto wrote:
> > Salve,
> >
> > maybe old stuff, just happened to me and can't find something in the docs
> > or elsewhere. When dong the -sP with an ASA in between you and the target,
> > the tcp-syn on port 80 will be answered by a RST from the ASA, thereby making
> > nmap think the host is responding and alive. Of course the results of such
> > a scan are basically useless then.
> >
> > Would it be possible to ignore RST in such a szenario? Or have a command
> > line switch to trigger this?
>
> That can be a problem with port 80. You may want to try a different
> type of ping scan (such as ICMP only) or change the TCP ping probe
> port(s).

  Ok, my error, seems like I do write a very stupid mail every few years, this
has been it for this period :( Could have seen in the manpage that the -PE
disables the syn on port 80.

  Gruss 

-- 
  Pluto   -   SysAdmin of Hades
  Free information! Freedom through knowledge. Wisdom for all!! =:-)
  PGP://0xB4BBB4A9?524CB500A8F3EAA2&6A3E5272F9072A17  ICQ: 286852401
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Oct 24 2007
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]