Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Nmap/netwag problem.
From: Kaj Huisman <kaj.huisman () gmail com>
Date: Wed, 10 Aug 2005 14:25:18 +0200

Aleph One wrote:
Hi all,
       I faced a problem running two tools producing totally different results.
What i did is described as ...I ran nmap on a IP with these parameters
: syn scan,dont ping,very verbose ,aggressive scan..it showed ports 80
n 1723 filtered.I ran this scan from Linux box.
Same time ,i used netwag to scansame ip which showed these ports open.

What can be the problem..??please help.


A nmap syn scan does not initiate a full connection, it sends a syn in the hope it will recieve a syn-ack to wich it will then respond with a rst (iirc). I could not directly extract from the netwox site what type of scan they utilise (perhaps a 'full connect' scan ?).

Anyway. a 'full connect' scan (one that performs the complete three-way handshake will _always_ (?) be the most reliable. My sugeestion is to perform either a nmap connect scan on the ports from both results or to manually telnet to the ports and see the response.

Hope that helps, G'Day

PS: The manual page for nmap contains more information about how different scans produce different reports, the protocols are just guidelines for the manufacturers, implementations may vary.

FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]