Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Maybe bug, with -sP und ASA sending RST for denied networks
From: Fyodor <fyodor () insecure org>
Date: Mon, 22 Oct 2007 16:47:12 -0700

On Thu, Oct 18, 2007 at 11:22:01AM +0200, Pluto wrote:
  Salve,

  maybe old stuff, just happened to me and can't find something in the docs
or elsewhere. When dong the -sP with an ASA in between you and the target,
the tcp-syn on port 80 will be answered by a RST from the ASA, thereby making
nmap think the host is responding and alive. Of course the results of such
a scan are basically useless then.

  Would it be possible to ignore RST in such a szenario? Or have a command
line switch to trigger this?

That can be a problem with port 80.  You may want to try a different
type of ping scan (such as ICMP only) or change the TCP ping probe
port(s).

-F


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault