mailing list archives
Re: Getting SCTP support ready for merging
From: Gisle Vanem <gvanem () broadpark no>
Date: Fri, 22 May 2009 19:10:25 +0200
"Daniel Roethlisberger" <daniel () roe ch> wrote:
The '-sY' gives no open sctp ports (1-1024) scanning against
The final word from nmap-sctp is:
"All 1024 scanned ports on lakerest.net (184.108.40.206) are filtered
because of 1024 no-responses".
Are you sure there is no NAT or stateful firewall or something in
your way, which drops all SCTP packets? (Windows firewall or
some other personal firewall?)
You're correct. It was my ADSL-box dropping the inbound sctp packets.
What is the output of:
NMAPDIR=. ./nmap -v -d3 -PN -sY -p 22,80 www.sctp.org
Changing ping technique for 220.127.116.11 to sctp to port 22; chunk: INIT
RCVD (2.9380s) SCTP 18.104.22.168:80 > 10.0.0.6:48513 ttl=40 id=44888 iplen=596
Found 22.214.171.124 in incomplete hosts list.
Discovered open port 80/sctp on 126.96.36.199
Moving 188.8.131.52 to completed hosts list with 0 outstanding probes.
Changing global ping host to 184.108.40.206.
Completed SCTP INIT Scan at 16:07, 0.67s elapsed (2 total ports)
Overall sending rates: 2.98 packets / s, 154.76 bytes / s.
pcap stats: 4 packets received by filter, 0 dropped by kernel.
Host lakerest.net (220.127.116.11) is up, received user-set (0.17s latency).
Scanned at 2009-05-22 16:07:11 GMT for 1s
Interesting ports on lakerest.net (18.104.22.168):
PORT STATE SERVICE REASON
22/sctp closed ssh abort
80/sctp open http init-ack
Final times for host: srtt: 172000 rttvar: 129000 to: 688000
Read from .: nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 2.94 seconds
Raw packets sent: 2 (104B) | Rcvd: 2 (122B)
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org