Nmap Development: Re: Maybe bug, with -sP und ASA sending RST for denied networks

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Nmap Development mailing list archives

Re: Maybe bug, with -sP und ASA sending RST for denied networks

From: Fyodor <fyodor () insecure org>
Date: Mon, 22 Oct 2007 16:47:12 -0700

On Thu, Oct 18, 2007 at 11:22:01AM +0200, Pluto wrote:

  Salve,

  maybe old stuff, just happened to me and can't find something in the docs
or elsewhere. When dong the -sP with an ASA in between you and the target,
the tcp-syn on port 80 will be answered by a RST from the ASA, thereby making
nmap think the host is responding and alive. Of course the results of such
a scan are basically useless then.

  Would it be possible to ignore RST in such a szenario? Or have a command
line switch to trigger this?


That can be a problem with port 80.  You may want to try a different
type of ping scan (such as ICMP only) or change the TCP ping probe
port(s).

-F


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

By Date By Thread

Current thread:

Maybe bug, with -sP und ASA sending RST for denied networks Pluto (Oct 20)
- Re: Maybe bug, with -sP und ASA sending RST for denied networks Fyodor (Oct 22)
  - Re: Maybe bug, with -sP und ASA sending RST for denied networks Pluto (Oct 24)
  - RE: Maybe bug, with -sP und ASA sending RST for denied networks Dario Ciccarone (dciccaro) (Oct 24)
    - Re: Maybe bug, with -sP und ASA sending RST for denied networks Pluto (Oct 26)
    - RE: Maybe bug, with -sP und ASA sending RST for denied networks Dario Ciccarone (dciccaro) (Oct 26)