mailing list archives
Re: differences between nmap-online and nmap command line
From: "sara fink" <sara.fink () gmail com>
Date: Tue, 24 Jun 2008 20:02:22 +0300
On Tue, Jun 24, 2008 at 6:43 PM, Brandon Enright <bmenrigh () ucsd edu> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 24 Jun 2008 18:29:40 +0300 or thereabouts "sara fink"
<sara.fink () gmail com> wrote:
so, which output is correct? the command line or the web page test? I
tested it on my external ip. I have linux kernel 2.6.24.
Probably both. Remember that the results of a port scan are a function
of the scanning machine, target machine, and all network filters
(firewalls) between the two.
Yes, you are right.
- From one view (localhost) you may have 3000 closed ports. From another
host (nmap-online) you may have a handful of filtered ports.
The list you provided is a reasonable, albeit aggressive list of ports
for an ISP to filter.
The problem is that there are much more than these 3000 closed ports.
I am not sure if it's isp that puts the firewall or the infrastructure
problem. I am mpls without dialer. In this case dhcp, getting ip comes
from the infrastructure. The isp doesn't see my browsing at all.
It looked like the command line didn't even scan. In a sec I got the
reply of 3000 port scan.
0.175 seconds is what I'd call a "blink of the eye".
What about the nmap-online problem that at some point it says port
scan took too long. If I try to scan more than 5000 ports at a time?
Is it a bug?
Can this problem be solved?
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org