Date: Tue, 1 Aug 2000 15:13:35 +0200 (CEST) From: zaks@prioris.mini.pw.edu.pl To: FreeBSD-gnats-submit@freebsd.org Subject: ports/20342: Nmap doesn't report open ports in stealth scan mode Message-ID: <200008011313.PAA04510@pf39.warszawa.sdi.tpnet.pl>
next in thread | raw e-mail | index | archive | help
>Number: 20342 >Category: ports >Synopsis: Nmap doesn't report open ports in stealth scan mode >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Aug 01 06:20:00 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Slawek Zak >Release: FreeBSD 5.0-CURRENT i386 >Organization: Warsaw University of Technology >Environment: P-t-P interface (tun0) was used. Nmap version i 2.53 compiled from ports >Description: Nmap doesn't seem to find remote ports open working in stealth mode. Ports are recognized as filtered. >How-To-Repeat: [tun interface] pf39# nmap -sS -P0 -v -p25 prioris [..........] Port State Service 25/tcp filtered smtp Nmap run completed -- 1 IP address (1 host up) scanned in 36 seconds ## Relevant tcpdump trace pf39.53713 > prioris.smtp: S 490700102:490700102(0) win 4096 prioris.smtp > pf39.53713: S 1925646539:1925646539(0) ack \ 490700103 win 16384 <mss 1460> (DF) pf39.53713 > prioris.smtp: R 490700103:490700103(0) win 0 pf39.53714 > prioris.smtp: S 1243791711:1243791711(0) win 4096 prioris.smtp > pf39.53714: S 1926781491:1926781491(0) ack \ 1243791712 win 16384 <mss 1460> (DF) pf39.53714 > prioris.smtp: R 1243791712:1243791712(0) win 0 pf39.53715 > prioris.smtp: S 2733700557:2733700557(0) win 4096 pf39.53716 > prioris.smtp: S 490700102:490700102(0) win 4096 prioris.smtp > pf39.53716: S 1929281189:1929281189(0) ack \ 490700103 win 16384 <mss 1460> (DF) pf39.53716 > prioris.smtp: R 490700103:490700103(0) win 0 pf39.53717 > prioris.smtp: S 1243791711:1243791711(0) win 4096 prioris.smtp > pf39.53717: S 1930419819:1930419819(0) ack \ 1243791712 win 16384 <mss 1460> (DF) pf39.53717 > prioris.smtp: R 1243791712:1243791712(0) win 0 pf39.53718 > prioris.smtp: S 2733700557:2733700557(0) win 4096 [Other host (3.5-STABLE), ethernet interface] prioris# nmap -sS -P0 -v -p25 alpha [..........] Port State Service 25/tcp open smtp Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds >Fix: Probably problem lays in the some tun interface implementation bug. The same version of nmap on FreeBSD 3.5-STABLE, using fxp ethernet interface works fine. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008011313.PAA04510>