Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Getting SCTP support ready for merging
From: Gisle Vanem <gvanem () broadpark no>
Date: Fri, 22 May 2009 19:10:25 +0200

"Daniel Roethlisberger" <daniel () roe ch> wrote:

The '-sY' gives no open sctp ports (1-1024) scanning against

The final word from nmap-sctp is:
"All 1024 scanned ports on lakerest.net ( are filtered because of 1024 no-responses".

Are you sure there is no NAT or stateful firewall or something in
your way, which drops all SCTP packets?  (Windows firewall or
some other personal firewall?)

You're correct. It was my ADSL-box dropping the inbound sctp packets.
Fixed now.

What is the output of:

NMAPDIR=. ./nmap -v -d3 -PN -sY -p 22,80 www.sctp.org


Changing ping technique for to sctp to port 22; chunk: INIT
RCVD (2.9380s) SCTP > ttl=40 id=44888 iplen=596
Found in incomplete hosts list.
Discovered open port 80/sctp on
Moving to completed hosts list with 0 outstanding probes.
Changing global ping host to
Completed SCTP INIT Scan at 16:07, 0.67s elapsed (2 total ports)
Overall sending rates: 2.98 packets / s, 154.76 bytes / s.
pcap stats: 4 packets received by filter, 0 dropped by kernel.
Host lakerest.net ( is up, received user-set (0.17s latency).
Scanned at 2009-05-22 16:07:11 GMT for 1s
Interesting ports on lakerest.net (
22/sctp closed ssh     abort
80/sctp open   http    init-ack
Final times for host: srtt: 172000 rttvar: 129000  to: 688000

Read from .: nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 2.94 seconds
          Raw packets sent: 2 (104B) | Rcvd: 2 (122B)


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]