Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: NMap Scanning Issues
From: "Reid Keister" <trkeister () gmail com>
Date: Fri, 28 Apr 2006 15:24:10 -0500

You could try and slow your scans down by using the -T option.  The
scans will take longer, obviously, but you would get better results if
packets are being dropped due to congestion.

If you try and run a selective port scan immediately after the 1-1024
or 1-65535 scan, do you get the original results, or the supposed
erroneous ones from the 1-1024 . . . ?

I have had a firewall/IPS black-hole me after performing a multiple
port scan.  Slowing the scan _way_ down works, but it's slow.  But, If
there isn't a firewall on the other side then it shouldn't be an
issue.

hth,
Reid

On 28 Apr 2006 13:41:11 -0000, 09Sparky () gmail com <09Sparky () gmail com> wrote:
I am trying to run Nmap both on specific ports and then multiple ports (1-1024, 1-65535, etc).  My issue or is this:  
when I run small port scans; my results come back fine (open, closed, filtered).  I have confirmed that the results are 
accurate.  However, when I attempt to scan multiple ports I get various unreliable results.  For instance, a port that 
I could have confirmed either open or closed may show up as filtered or the opposite.


No configuration changes have been made and no firewall on remote site.


Additional Notes:

-I am running over the Internet

-I am running from behind a Netgear Firewall/VPN/Router (FW114) with NAT

-Cable/DSL Connection (Fast)


I am wondering if my router is timing out or perhaps I am performing a DOS of my own router. Does any have any thoughts 
or experienced this type of problem? If so, does anyone have any recommendations?


Thanks,

09Sparky


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------



------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]