Scanning oddities (Nmap, synscan.nes, and TCP ping)
Michel Arboi
mikhail at nessus.org
Thu Dec 2 09:23:43 EST 2004
On Tue Nov 23 2004 at 19:34, sgt_b wrote:
> As you can see the scan stops after 10 ports were scanned.
Any error in the log? As you are running Nessus 2.2., I suppose that
you are using nmap.nasl; the NASL interpreter calls nasl_pread which
should output messages if any problem arises (broken pipe or whatever).
> Nmap has been tested on its own, and does not exhibit this
> behavior.
Anything special? Very slow, or something like this?
> It's also worth noting that the ID the OS option does not work
> either.
What do you mean? OS fingerprinting?
> Here the scan takes a strange turn. When the scan is run, it starts by
> scanning ports, 21,22,25, and 34. Where did these ports come from?
Look at find_rtt() in synscan.c
> Lastly is the TCP ping itself. Given a series of ports to scan, TCP
> ping only scans the first one. Success or failure, the scan stops
> after the first SYN packet is sent.
Strange. Don't you have a problem with RAW IP on this machine?
--
arboi at alussinan.org http://arboi.da.ru
NASL2 reference manual http://michel.arboi.free.fr/nasl2ref/