Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Bug with nmap 6.00
From: David Fifield <david () bamsoftware com>
Date: Sun, 27 May 2012 23:14:48 -0700

On Fri, May 25, 2012 at 10:28:35AM +0100, Rob Shapland wrote:
Hi,

I'm having an issue with the latest version of nmap, that is not a problem
in version 5.51.

- Doing a -sS scan of port 3389/tcp on my target in nmap 6.00, the port is
returned as filtered.

- Doing *exactly *the same scan with nmap 5.51, port is returned as open.

- A -sT scan returns port as open with both versions.

- Full scan settings: nmap -sS -PN <target> -p3389.

- Using Wireshark to capture the traffic, in version 5.51 the syn, syn ack
and RST packets can be seen. Doing the same in nmap 6.00, no packets at all
are captured being sent to or from the target.

- Operating system of my machine is Windows 7 Professional 64 bit, winpcap
version is 4.1.2. Wireshark 1.6.8 Rev 42761. Windows Firewall is switched
off, no other firewall software.

If you need any further information (I can't reveal the target IP address)
please feel free to contact me. For the moment I will revert to nmap 5.51.

Is is only this one port on this one target, or do all ports on all
targets come up as filtered? Does it happen on with targets on the same
subnet, or also with targets that have to be routed (e.g.
scanme.nmap.org)?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault