Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: nmap
From: Taufiq Ali <taufiq.ali () niiconsulting com>
Date: Wed, 30 Jul 2008 09:38:43 +0530

Hey,

By default if you run the nmap scan on any site it runs the syn stealth scan. If you are getting all the ports open this could be a false positive. However to confirm your results try -sS, -sA (normally used to get through a packet filtering device)or -sT. If you are still getting all the ports open then try running hping from a linux box to confirm your results.

--
Taufiq Ali
CEH
Lead Security Programmer
www.niiconsulting.com



Fábio Russo wrote:
2008/7/29 Fábio Russo <fabio.contin.russo () gmail com>
Hi dude,
What happens if you try with the '-P0' switch ?
I beleve you should've tried something like this: 'nmap -vsS -P0 <address>' because the '-PN' switch will only treat host as 
online. I don't think it is gonna work, but it's only a guess.

I hope it's usefull...


2008/7/29 Michael Kitange <michaelkitange () gmail com>
hi,
i tried to nmap a site and it said that the pings are blocked and i
had to use the '-PN' switch. well the result which i got was that all
the posts were open. though if i telnet to those posts, they appear to
be closed.
can that be done? fooling that all ports are open on the server if it
can be, then how?

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • nmap Michael Kitange (Jul 29)
    • Message not available
      • Re: nmap Fábio Russo (Jul 29)
        • RE: nmap Pyramid Floors (Jul 30)
        • Re: nmap kevin horvath (Jul 30)
        • Re: nmap Taufiq Ali (Jul 30)
    • Message not available
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault