Nmap Development: RE: Nmap 4.75 Posted!

RE: Nmap 4.75 Posted!

From: Aaron Leininger <rilian4_at_hotmail.com>
Date: Mon, 8 Sep 2008 09:37:41 -0700

nmap 4.75 compiles fine on my Debian box. I ran it on a box on my network and got the following:
$ sudo nmap -sS my_target

Starting Nmap 4.75 ( http://nmap.org ) at 2008-09-08 09:27 PDT
Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
Interesting ports on ths-aleininger-desktop.ttsd.k12.or.us (my_target):
Not shown: 986 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1049/tcp open unknown
1050/tcp open java-or-OTGfileshare
2701/tcp open unknown
2702/tcp open unknown
5800/tcp open vnc-http
5900/tcp open vnc
8192/tcp open unknown
8193/tcp open unknown
8194/tcp open unknown
16992/tcp open unknown
16993/tcp open unknown
MAC Address: 00:1C:C0:4E:3A:E7 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 1.56 seconds

Compare that to the output of nmap 4.68 using the same command and same host:
-------------------------------------------------------------------------------------------------
Starting Nmap 4.68 ( http://nmap.org ) at 2008-09-08 09:31 PDT
Interesting ports on my_target:
Not shown: 1709 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1050/tcp open java-or-OTGfileshare
5800/tcp open vnc-http
5900/tcp open vnc

Nmap done: 1 IP address (1 host up) scanned in 1.385 seconds

I ran a test with hping on port 16992 shown in 4.75 as open with the following results:
# hping -S -p 16992 -c 1 my_target
HPING 10.4.0.106 (eth0 10.4.0.106): S set, 40 headers + 0 data bytes
len=46 ip=10.4.0.106 ttl=128 DF id=16544 sport=16992 flags=SA seq=0 win=64512 rtt=0.5 ms

It did come back with SYN and ACK flagged so it seems as if 4.75 is correct. What is odd is that 4.68 doesn't show those ports. Is 4.75 set to scan a larger range of ports by default?
Aaron

> Hi folks. Nobody found any show-stopping bugs in the last 24 hours,
> so I've built version 4.75 and posted it to the download page!
>
> http://nmap.org/download.html
>
> Please give it a try and report any problems, as we still have a
> little bit of time left before I announce it to nmap-hackers...


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Sep 08 2008
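The comparison Aaron did by eye between the two scans can be automated. The following is an added example, not code from the post or from the Nmap project: a small parser for Nmap's normal output that reads the "Not shown: N closed ports" summary and the port table, computes how many ports each version actually scanned, and diffs the open-port sets. The two embedded inputs are constructed from the port tables quoted in the post (with the hostname replaced by my_target); the function and class names are my own.

```python
import re
from dataclasses import dataclass

# Constructed samples: the two Nmap normal-output listings quoted in the post,
# same command and same host, trimmed to the lines the parser needs.
NMAP_475 = """Starting Nmap 4.75 ( http://nmap.org ) at 2008-09-08 09:27 PDT
Interesting ports on my_target:
Not shown: 986 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1049/tcp open unknown
1050/tcp open java-or-OTGfileshare
2701/tcp open unknown
2702/tcp open unknown
5800/tcp open vnc-http
5900/tcp open vnc
8192/tcp open unknown
8193/tcp open unknown
8194/tcp open unknown
16992/tcp open unknown
16993/tcp open unknown
MAC Address: 00:1C:C0:4E:3A:E7 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 1.56 seconds
"""

NMAP_468 = """Starting Nmap 4.68 ( http://nmap.org ) at 2008-09-08 09:31 PDT
Interesting ports on my_target:
Not shown: 1709 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1050/tcp open java-or-OTGfileshare
5800/tcp open vnc-http
5900/tcp open vnc

Nmap done: 1 IP address (1 host up) scanned in 1.385 seconds
"""

VERSION_RE = re.compile(r"^Starting Nmap (\S+)")
NOT_SHOWN_RE = re.compile(r"^Not shown: (.*)$")
# "135/tcp open msrpc" -> port spec, state, service name
PORT_RE = re.compile(r"^(\d+/(?:tcp|udp|sctp))\s+(\S+)\s+(\S+)")


@dataclass
class ScanReport:
    version: str
    not_shown: int          # ports Nmap collapsed into the "Not shown" summary
    ports: dict             # "135/tcp" -> (state, service)

    @property
    def total_scanned(self) -> int:
        # Nmap prints only "interesting" ports; the rest are in the summary,
        # so summary count + listed ports is the size of the scanned port set.
        return self.not_shown + len(self.ports)

    def open_ports(self) -> set:
        return {p for p, (state, _) in self.ports.items() if state == "open"}


def parse_normal_output(text: str) -> ScanReport:
    version, not_shown, ports = "?", 0, {}
    for line in text.splitlines():
        m = VERSION_RE.match(line)
        if m:
            version = m.group(1)
            continue
        m = NOT_SHOWN_RE.match(line)
        if m:
            # The summary may mix states ("990 closed ports, 5 filtered ports");
            # every counted group belongs to the scanned set, so sum them all.
            not_shown = sum(int(n) for n in re.findall(r"(\d+) \w+ ports?", m.group(1)))
            continue
        m = PORT_RE.match(line)
        if m:
            ports[m.group(1)] = (m.group(2), m.group(3))
    return ScanReport(version, not_shown, ports)


def _port_number(spec: str) -> int:
    return int(spec.split("/")[0])


def compare_scans(old: ScanReport, new: ScanReport) -> dict:
    """Summarise how two scans of the same host differ in coverage and findings."""
    return {
        "scanned_old": old.total_scanned,
        "scanned_new": new.total_scanned,
        "open_only_in_new": sorted(new.open_ports() - old.open_ports(), key=_port_number),
        "open_only_in_old": sorted(old.open_ports() - new.open_ports(), key=_port_number),
    }


if __name__ == "__main__":
    result = compare_scans(parse_normal_output(NMAP_468), parse_normal_output(NMAP_475))
    for key, value in result.items():
        print(f"{key}: {value}")
```

Run against the two listings from the post, the totals come out as 1715 ports scanned by 4.68 and 1000 by 4.75, while the eight extra open ports (1049, 2701, 2702, 8192-8194, 16992, 16993) appear only in the 4.75 result. So the newer version scanned fewer ports in total, not more; the difference lies in which ports make up the default set. When comparing scanner versions or builds, checking the scanned total alongside the open-port diff is what separates "new coverage" from "different coverage".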
