nmap and port scanning reliability

William Muriithi william.muriithi-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Thu Oct 2 13:39:20 UTC 2008


Hi pals,

A couple of weeks ago, I set up an application that uses port 1194. It
worked well and then all of a sudden stopped working. I spent sometime
looking at what went wrong and I could not find anything on the
software side.

So I looked at the connection and I am now a little lost. The router
is configured to allow port 1194, but if I scan the IP for open ports,
all ports are apparently. I am not sure its nmap that is giving
erroneous information, but something do not make sense. Here is what I
get when I scan for the open port.

 [root at william]# nmap -P0 149.99.4x.16x

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-10-02 00:26 EAT
All 1680 scanned ports on Z-a2-1-0-386-S1.tls3.tor1.rogerstelecom.net
(149.99.49.166) are filtered (1124) or closed (556)

Nmap finished: 1 IP address (1 host up) scanned in 8684.741 seconds

[root at william]# nmap -sU -v 149.99.4x.16x

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-10-02 00:36 EAT
Note: Host seems down. If it is really up, but blocking our ping probes, try -P0
Nmap finished: 1 IP address (0 hosts up) scanned in 2.054 seconds
               Raw packets sent: 4 (136B) | Rcvd: 0 (0B)

Now, can I reliably assume nmap is reporting the correct info and go
ahead pulling away the router? Is there any chance Rogers could have
blocked port 1194? Advice.

Regards,

William
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list