Nmap problem.

KrisTeason

Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Sat Sep 08, 2007 8:02 pm

Nmap problem.

First off, I wanted to say nice site. I've found it useful for a lot of my problems. I've recently contacted Fyodor, and another nmap user about this issue. Of course, Fyodor is too busy to answer, and the other user hasn't been able to help with my situation. Here's the problem:
Current OS: BackTrack 2 (Figured You'd Need This Info)
Nmap Version: (Tried 4.20 Standard With BackTrack, Now Installed 4.22)
I'm running scans on 50 hosts at a time, scanning the 4th octet of the IP address. The command I'm using is provided below:
nmap -p 21,42,445,1433,1434,3389,5900 -P0 -T Insane xxx.xxx.xxx.1-50
My issue is nmap is returning invalid results; it's telling me all of the ports are open on each individual machine. Why is this? All help/suggestions are appreciated. Thank you in advance. ;D
Last edited by KrisTeason on Sat Sep 08, 2007 8:16 pm, edited 1 time in total.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
LSOChris

Post Sat Sep 08, 2007 9:29 pm

Re: Nmap problem.

Maybe you can try throttling back on the sending of packets with the -T Insane to something a little slower. What kind of connection are you on? Are you scanning outside of your subnet? What kind of network devices are between you and those hosts?

All those could be factors in why you are getting inaccurate results.

KrisTeason

Post Sat Sep 08, 2007 9:54 pm

Re: Nmap problem.

Chris Gates, I'm a fan. Contacted you through e-mail earlier today about msf 3.1, disregard that e-mail. I'm on a laptop. Linksys Router, I am scanning outside of the subnet.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
jimbob

Post Mon Sep 10, 2007 5:11 am

Re: Nmap problem.

It's probably best to break your scan down and start with a single IP address. Does this produce the same results? If the ports are shown as open, can you use netcat to confirm this?

Running a port scan over a large address range can take time and it's very tempting to increase the scan rate. This is often not a good idea; I personally don't use anything higher than -T4, and I'll only use this on local addresses. Patience is important in doing a scan; if it's going to take a long time, try running it overnight on a slower setting.

Jimbob
KrisTeason

Post Mon Sep 10, 2007 3:40 pm

Re: Nmap problem.

Well, the basics of what I'm doing is scanning a range of hosts for vulnerability. If I scan single hosts at a time of course it will be slower. Thanks for your reply jimbob, I'll attempt the -T4.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
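
Added example, not part of any post in this thread: a sanity check over Nmap grepable (-oG) output that flags the symptom described above, every scanned port reported open on every host, so the result gets re-checked against a single address before it is trusted. The function names and sample lines (192.0.2.0/24 documentation addresses) are constructed for illustration.

```shell
#!/bin/sh
# Constructed samples in Nmap grepable (-oG) form; 192.0.2.0/24 is a
# documentation range, and none of this is output from the thread.
sample_all_open() {
  printf 'Host: 192.0.2.1 ()\tStatus: Up\n'
  printf 'Host: 192.0.2.1 ()\tPorts: 21/open/tcp//ftp///, 445/open/tcp//microsoft-ds///\n'
  printf 'Host: 192.0.2.2 ()\tPorts: 21/open/tcp//ftp///, 445/open/tcp//microsoft-ds///\n'
}
sample_mixed() {
  printf 'Host: 192.0.2.1 ()\tPorts: 21/open/tcp//ftp///, 445/open/tcp//microsoft-ds///\n'
  printf 'Host: 192.0.2.2 ()\tPorts: 21/closed/tcp//ftp///, 445/filtered/tcp//microsoft-ds///\n'
  printf 'Host: 192.0.2.3 ()\tPorts: 21/closed/tcp//ftp///, 445/open/tcp//microsoft-ds///\tIgnored State: closed (5)\n'
}

# Emit "host open_count total_count" for each Host line that has a Ports field.
# Fields in -oG lines are tab-separated; port entries are "port/state/proto/...".
port_summary() {
  awk -F'\t' '/^Host: / {
    split($1, h, " ")
    ports = ""
    for (i = 2; i <= NF; i++) if ($i ~ /^Ports: /) ports = substr($i, 8)
    if (ports == "") next            # e.g. "Status: Up" lines carry no ports
    n = split(ports, p, ", "); nopen = 0
    for (j = 1; j <= n; j++) { split(p[j], f, "/"); if (f[2] == "open") nopen++ }
    print h[2], nopen, n
  }'
}

# Hosts whose scanned ports are ALL reported open.
all_open_hosts() { port_summary | awk '$2 == $3 { print $1 }'; }

# "suspect" when every host shows every port open, otherwise "plausible".
scan_verdict() {
  port_summary | awk '{ hosts++ } $2 == $3 { uniform++ }
    END { if (hosts > 0 && uniform + 0 == hosts) print "suspect"; else print "plausible" }'
}

sample_all_open | scan_verdict
```

A saved grepable results file can be fed to `scan_verdict` on stdin in place of the constructed samples.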
