
Re: Re: nmap -sS SYN-SCAN does not find all open Ports?

Subject: Re: Re: nmap -sS SYN-SCAN does not find all open Ports?
Date: Mon, 25 Sep 2006 10:49:05 -0500
I echo the sentiment about booting the live CD on a standalone
machine.  VMWare sometimes acts unpredictably with network tools.

Also, if you can, get a tcpdump or ethereal capture of your port scan.
This will help determine what's going on.  Ideally, you should do it
on the monitor port of the switch that your scanning machine is using,
or use a hub.  Running the capture on the scanning machine directly
might yield deceiving results (i.e. tcpdump may say that a packet was
sent when it may have never actually hit the wire).

On 9/25/06, Arturas Zalenekas <security@zalenekas.net> wrote:
Hi,

That with VM-Ware could be a problem. Try to boot from the Live-CD
directly and then do the scan. That is what you told. You could give
Sentoo a try. It's also a Live-CD based on Gentoo. They've built a lot of
security tools into it (actually almost everything that I know and use daily).
One more suggestion. Try to scan the FW from the internal network or
dial-in with VPN and scan internal interfaces and try to use the nmap
option -T in polite or other mode. If you still have any questions, feel
free to post.



Kind regards,

Arturas Zalenekas
Network Security Engineer and Analyst



> Hello,
>
> Thanks for your answer.
>
> So here is some more information:
>
> I'm trying to scan the firewall (Watchguard X700) of my company from home
> for security reasons. So I know which ports are open, because I'm
> administering the firewall.
>
> I use the BackTrack 3.0 (remote-exploit.org) live linux cd. This is based
> on slackware. Kernel 2.6.156. with Nmap 4.03.
>
> On the Watchguard X700 all intrusion prevention features are disabled. So
> "Block SYN Flood Attacks" is also disabled. The firewall is not blocking me
> because I can do normal Connect() scans after a SYN-Scan and with the
> Connect() scan the open ports 80 and 443 are correctly found.
>
> Maybe VM-Ware (Windows) is the reason? I've run BackTrack in a vm (direct
> access to nic) under Windows. What I will try this evening is to boot the
> notebook directly with the BackTrack-CD and connecting directly with my
> ISP. Then performing a SYN-Scan again. Maybe then I will get better
> results.
>
> I will then post my result here.
>
> ---------------------------------------------------------------------------
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The NSA has designated Norwich University a center of Academic Excellence
> in Information Security. Our program offers unparalleled Infosec
> management
> education and the case study affords you unmatched consulting experience.
> Using interactive e-Learning technology, you can earn this esteemed
> degree,
> without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------
>
>
>








--
http://www.FocusHacks.com - The Ford Focus Modification Site!
http://www.focushacks.com/focushacks-gpg.txt - My GPG encryption key
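
The capture comparison suggested in the reply above, as an added example that is not part of the original thread: it takes one capture from the scanning machine and one from the switch monitor port and reports, per port, whether the SYN ever reached the wire and what came back. The `tcpdump -nn` text format, the addresses (documentation ranges) and every sample line are assumptions constructed for illustration.

```python
import re

# Constructed sample lines in `tcpdump -nn` text format (not from the thread).
HOST_CAPTURE = """\
IP 192.0.2.10.40000 > 198.51.100.5.80: Flags [S], seq 1, win 1024, length 0
IP 192.0.2.10.40000 > 198.51.100.5.443: Flags [S], seq 1, win 1024, length 0
IP 192.0.2.10.40000 > 198.51.100.5.25: Flags [S], seq 1, win 1024, length 0
IP 192.0.2.10.40000 > 198.51.100.5.8080: Flags [S], seq 1, win 1024, length 0
"""
WIRE_CAPTURE = """\
IP 192.0.2.10.40000 > 198.51.100.5.80: Flags [S], seq 1, win 1024, length 0
IP 192.0.2.10.40000 > 198.51.100.5.25: Flags [S], seq 1, win 1024, length 0
IP 192.0.2.10.40000 > 198.51.100.5.8080: Flags [S], seq 1, win 1024, length 0
IP 198.51.100.5.80 > 192.0.2.10.40000: Flags [S.], seq 9, ack 2, win 5840, length 0
IP 192.0.2.10.40000 > 198.51.100.5.80: Flags [R], seq 2, win 0, length 0
IP 198.51.100.5.8080 > 192.0.2.10.40000: Flags [R.], seq 0, ack 2, win 0, length 0
"""
LINE = re.compile(r"IP ([\d.]+)\.(\d+) > ([\d.]+)\.(\d+): Flags \[([A-Z.]+)\]")

def parse(capture, scanner, target):
    """Return (ports that were sent a bare SYN, {port: 'open' | 'closed'})."""
    probed, replies = set(), {}
    for m in LINE.finditer(capture):
        src, sport, dst, dport, flags = m.groups()
        if (src, dst, flags) == (scanner, target, "S"):
            probed.add(int(dport))
        elif (src, dst) == (target, scanner):
            if flags == "S.":                 # SYN-ACK: port answered
                replies[int(sport)] = "open"
            elif "R" in flags:                # RST or RST-ACK: port refused
                replies.setdefault(int(sport), "closed")
    return probed, replies

def diagnose(host_capture, wire_capture, scanner, target):
    """Classify each probed port using the wire capture as ground truth."""
    host_syn, _ = parse(host_capture, scanner, target)
    wire_syn, wire_replies = parse(wire_capture, scanner, target)
    result = {}
    for port in sorted(host_syn | wire_syn):
        if port in wire_syn:
            result[port] = wire_replies.get(port, "no reply")
        else:
            result[port] = "SYN never reached the wire"
    return result
```

A port reported as "SYN never reached the wire" points at the scanning host or its virtualization layer, while "no reply" points at filtering or loss between the switch and the target.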

