nmap not working in Amazon's VPC

[Eugenio Jimenes <eugenio.jimenes () siteblindado com br>]

Hi,

We have a service that uses nmap as start point of a security assessment
check.

During development we haven't faced any problem. The way we used to call
this command was:
$ sudo nmap -sP -PA21,22,23,25,53,80,135,137,139,143,443,445,8080,3128
google.com.br

However, when we released this solution in production environment (using
VPC). The EC2 that executes the nmap command is inside a private subnet and
uses a NAT to get access to the outside internet ... the expected result of
nmap command should be:

Starting Nmap 6.00 ( http://nmap.org ) at 2014-01-09 14:37 BRST
Nmap scan report for google.com.br (173.194.118.24)
Host is up (0.00027s latency).
Other addresses for google.com.br (not scanned): 173.194.118.23
173.194.118.31
rDNS record for 173.194.118.24: gru06s09-in-f24.1e100.net
Nmap done: 1 IP address (1 host up) scanned in 10.07 seconds


BUT we are getting this:
Starting Nmap 6.00 ( http://nmap.org ) at 2014-01-09 16:57 UTC
Note: Host seems down. If it is really up, but blocking our ping probes,
try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 5.10 seconds


So for the server inside VPC google host is out of service.

We've already double checked the route table rules and security groups
configuration and it seems to be ok. How can we troubleshoot this in order
to find the root cause of the problem?

Regards,

-- 

[image: Descrição: http://www.siteblindado.com.br/pt/img/Shield.jpg]


*Eugenio Augusto Jimenes**Analista em segurança Pleno - Site Blindado/Site
Blindado Labs                         *
*Bacharelando em Ciências da Computação - USP / IME*

eugenio.jimenes () siteblindado com br
<http://www.linkedin.com/profile/view?id=35593661&trk=nav_responsive_tab_profile>

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/