Nmap Development mailing list archives

Re: SCTP scanme system at scanme.csnc.ch
From: Daniel Roethlisberger <daniel () roe ch>
Date: Sat, 13 Jun 2009 16:10:23 +0200

Brandon Enright <bmenrigh () ucsd edu> 2009-06-12:
My results are coming back filtered:

$  sudo nmap -sY -PN -T5 --reason -p 7,9 -v -n scanme.csnc.ch

Starting Nmap 4.85BETA10 ( http://nmap.org ) at 2009-06-12 23:06 UTC
NSE: Loaded 0 scripts for scanning.
Initiating SCTP INIT Scan at 23:06
Scanning [2 ports]
Completed SCTP INIT Scan at 23:06, 1.51s elapsed (2 total ports)
Host is up, received user-set.
Interesting ports on
7/sctp filtered echo    no-response
9/sctp filtered discard no-response

Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.58 seconds
           Raw packets sent: 4 (208B) | Rcvd: 0 (0B)

I can't figure out what is filtering the packets though.  I manually
did an SCTP traceroute by using Nmap's --ttl feature and found that this
hop is dropping all ICMP TTL exceeded messages (traceroute dead end):

13  adsl-130-143.dsl.init7.net (  177.548 ms  175.733 ms  176.90

All the hops leading up to this one encapsulate my SCTP packets
properly so I know my scan is at least getting 13 hops out.

I verified connectivity from several Internet locations and can
reach scanme just fine from everywhere.  It is possible that you
tested during a short time frame while the scanme box was
rebooting or offline due to recabling it yesterday.

Daniel Roethlisberger

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
