mailing list archives
Re: SCTP scanme system at scanme.csnc.ch
From: Daniel Roethlisberger <daniel () roe ch>
Date: Sat, 13 Jun 2009 16:10:23 +0200
Brandon Enright <bmenrigh () ucsd edu> 2009-06-12:
My results are coming back filtered:
$ sudo nmap -sY -PN -T5 --reason -p 7,9 -v -n scanme.csnc.ch
Starting Nmap 4.85BETA10 ( http://nmap.org ) at 2009-06-12 23:06 UTC
NSE: Loaded 0 scripts for scanning.
Initiating SCTP INIT Scan at 23:06
Scanning 126.96.36.199 [2 ports]
Completed SCTP INIT Scan at 23:06, 1.51s elapsed (2 total ports)
Host 188.8.131.52 is up, received user-set.
Interesting ports on 184.108.40.206:
PORT STATE SERVICE REASON
7/sctp filtered echo no-response
9/sctp filtered discard no-response
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.58 seconds
Raw packets sent: 4 (208B) | Rcvd: 0 (0B)
I can't figure out what is filtering the packets though. I manually
did a SCTP traceroute by using Nmap's --ttl feature and found that this
hop is dropping all ICMP TTL exceeded messages (traceroute dead end):
13 adsl-130-143.dsl.init7.net (220.127.116.11) 177.548 ms 175.733 ms 176.90
All the hops leading up to this one encapsulate my SCTP packets
properly so I know my scan is at least getting 13 hops out.
I verified connectivity from several Internet locations and can
reach scanme just fine from everywhere. It is possible that you
tested during a short time frame while the scanme box was
rebooting or offline due to recabling it yesterday.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org