Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Windows 7 scanning
From: David Fifield <david () bamsoftware com>
Date: Sun, 14 Jun 2009 17:18:51 -0600

On Sat, May 09, 2009 at 01:25:49AM -0400, Mike Calmus wrote:
I have a Windows 7 RC machine that I just scanned using 4.85BETA8 and am 
getting some odd results. If I do any scan as root (even with -PN) it 
says the host isn't up and quits almost immediately. If instead I run the 
scan as a normal user it returns data even without the -PN flag. Am I 
wrong that this seems odd? What's going on here?

Try scanning with the --send-ip option. Nmap does an ARP ping scan for
hosts on the same subnet, even with -PN, under the logic that if you
can't get an ARP reply from a host then you don't have a chance of port
scanning it. --send-ip disables this behavior.

I am wondering if this has the same cause as Solaris 10 hosts appearing
down.

http://seclists.org/nmap-dev/2009/q1/0176.html

That was caused by Solaris sending back ARP replies to the broadcast
Ethernet address. If --send-ip works for you, please let us know.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]