Nmap basics



  • Has anyone been able to make the nmap package work? I have installed the package just fine... built a number of firewall rules that source from the firewall to ANYWHERE, yet nmap is still denied from sending anything from both the shell (logged in through ssh) and from the web interface. I know there is something basic that I'm missing but I can't seem to find it.



  • Depends on what kind of scan you're doing. Things that use valid connections (ping scans, SYN scans) will work fine. Things that use scans that abuse TCP by setting flags that aren't valid will be blocked, legit TCP is enforced as with any worthwhile firewall. Just can't use many types of scans if you're behind or on a system with a firewall enabled.



  • @cmb:

    Depends on what kind of scan you're doing. Things that use valid connections (ping scans, SYN scans) will work fine. Things that use scans that abuse TCP by setting flags that aren't valid will be blocked, legit TCP is enforced as with any worthwhile firewall. Just can't use many types of scans if you're behind or on a system with a firewall enabled.

    ^What he said.

    I've got the pf firewall installed on my FreeBSD machines and use nmap to scan them.

    It returns some packets being blocked and as the firewall not responding to ping, but if I set the -Pn flag it will continue the scan and show 1000 ports filtered.

    sendto in send_ip_packet_sd: sendto(6, packet, 60, 0, 192.168.1.151, 16) => Operation not permitted
    Offending packet: TCP 192.168.1.150:?? > 192.168.1.151:?? ?? ttl=59 id=55250 iplen=15360 frag offset=512  (incomplete)
    
    sendto in send_ip_packet_sd: sendto(6, packet, 60, 0, 192.168.1.151, 16) => Operation not permitted
    Offending packet: TCP 192.168.1.150:48429 > 192.168.1.151:33217 FPU ttl=47 id=42102 iplen=15360  
    seq=1288232717 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackok>+snip+
    
    Completed NSE at 02:09, 10.00s elapsed
    Nmap scan report for 192.168.1.151
    Host is up.
    All 1000 scanned ports on 192.168.1.151 are filtered
    Too many fingerprints match this host to give specific OS details
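
An added example, not part of the thread: a small Python parser for the `Offending packet` lines posted above, checking each packet's flags against a simplified model of the "SYN set, ACK clear" test that a stateful filter applies to new flows (pf's `flags S/SA`). The function names and the model are assumptions for illustration, not the firewall's own logic.

```python
import re

# Sample input: the two error pairs from the output quoted in the thread
# (TCP options omitted; they are not needed for the flag check).
SAMPLE = """\
sendto in send_ip_packet_sd: sendto(6, packet, 60, 0, 192.168.1.151, 16) => Operation not permitted
Offending packet: TCP 192.168.1.150:?? > 192.168.1.151:?? ?? ttl=59 id=55250 iplen=15360 frag offset=512  (incomplete)
sendto in send_ip_packet_sd: sendto(6, packet, 60, 0, 192.168.1.151, 16) => Operation not permitted
Offending packet: TCP 192.168.1.150:48429 > 192.168.1.151:33217 FPU ttl=47 id=42102 iplen=15360
"""

# Nmap prints TCP flags as one letter each.
FLAG_NAMES = {"S": "SYN", "A": "ACK", "F": "FIN", "R": "RST",
              "P": "PSH", "U": "URG", "E": "ECE", "C": "CWR"}

PACKET_RE = re.compile(r"Offending packet: TCP (\S+) > (\S+) (\S+) ")


def may_open_state(flags):
    """Simplified model (assumption): a new flow is accepted only if SYN is
    set, ACK is clear, and SYN is not combined with FIN or RST."""
    f = set(flags)
    if not f <= set(FLAG_NAMES):      # e.g. '??' printed for a fragment
        return False
    if "S" not in f or "A" in f:      # the S/SA test
        return False
    return not (f & {"F", "R"})       # SYN+FIN / SYN+RST are never legitimate


def explain(log):
    """Return (destination, raw flags, flag names, would open state) per packet."""
    rows = []
    for m in PACKET_RE.finditer(log):
        _src, dst, flags = m.groups()
        known = set(flags) <= set(FLAG_NAMES)
        names = "+".join(FLAG_NAMES[c] for c in flags) if known else "unparsed"
        rows.append((dst, flags, names, may_open_state(flags)))
    return rows


if __name__ == "__main__":
    for dst, flags, names, ok in explain(SAMPLE):
        verdict = "can open a new state" if ok else "cannot open a new state"
        print(f"{dst:22} {flags:4} {names:12} {verdict}")
```

Neither packet in the posted output passes the check: one is an unparsed fragment and the other carries FIN+PSH+URG with no SYN, which matches the "Operation not permitted" errors nmap reported.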
    
