Hi list ;),
I'm a student and I'm trying to learn how nmap does its job.
Today, for example, I tried to scan my home network ( ;) )... In fact,
I've 2 computers behind a router (which does wireless AP, router &
firewall: linksys wrt54g). Then, I tried to scan from "outside" the
network (aka: from a friend on the internet).
On the router (LAN ip: 192.168.1.1) , I've the port 6356 (Gnutella)
which is forwarded to 192.168.1.2 (my first pc).
When I tried to scan from outside, I obviously obtain:
Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2006-04-22 18:26 CEST
Warning: OS detection will be MUCH less reliable because we did not
find at least 1 open and 1 closed TCP port
Interesting ports on 80.13.xx.yy:
(The 1671 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
6346/tcp closed gnutella
Too many fingerprints match this host to give specific OS details
In fact, it was what I was expecting for. My question is how to scan
the hosts behind the router (NAT) ? Is it possible ?
Thanks
N.
-------------------------------------------------------------------------
This List Sponsored by: Webroot
AFAIK no, because of the NAT nature. It was designed to hide real network. In
fact there are some methods to count hosts behind NAT (search history of the
list and latest numbers of phrack), but that is all.
--
Roman Shirokov
Systems Administrator
85A4 8586 FEEE 171B D0F1 A9C1 27C8 A907 EE45 7D0E
http://securitybox.org.ru
e-mail: securitybox@softhome.net
-------------------------------------------------------------------------
This List Sponsored by: Webroot
Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise
http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------
