Nmap vs Firewall

[donhubix]

Hey

Nmap vs. Windows 7 za Firewallem (LAN).

Nmap:
Starting Nmap 6.01 ( http://nmap.org ) at 2012-08-31 10:24 BST
Nmap scan report for 192.168.0.4
Host is up (0.11s latency).
All 1000 scanned ports on 192.168.0.4 are filtered
MAC Address: 00:22:FB:1C:50:64 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 113.42 seconds

Traceroute:
traceroute to 192.168.0.4 (192.168.0.4), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
(...)
30 * * *

Nessus:
Nessus podobnie-NIC.

____________________________

Stealth Scan (-sS, -sP) nic nie daje, fragment packets (-f) rowniez. Czytalem na ten temat sporo, wielu ludzi poleca uzycua rozbieznosci czasu (-T) tak, zeby scan trwal kilka godzin-sprawdzajac jeden port co kilka minut lecz nie rozumiem w jaki sposob to ma pomoc-firewall to firewall, ma nie przepuszczac to nie przepuszcza pakietow. W manualu nmap'a wyraznie jest napisane ze nmap ma nieskonczone mozliwosci i da rade przeskanowac wszystko. Pewnie tak ale to nie na moja glowe-jakies pomysly?

Hubix

 

[donhubix]

root@bt:~# nmap -PN -sV -vv -n -p775 192.168.0.4

Starting Nmap 6.01 ( http://nmap.org ) at 2012-08-31 10:40 BST
NSE: Loaded 17 scripts for scanning.
Initiating ARP Ping Scan at 10:40
Scanning 192.168.0.4 [1 port]
Completed ARP Ping Scan at 10:40, 0.01s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 10:40
Scanning 192.168.0.4 [1 port]
Completed SYN Stealth Scan at 10:40, 0.21s elapsed (1 total ports)
Initiating Service scan at 10:40
NSE: Script scanning 192.168.0.4.
NSE: Starting runlevel 1 (of 1) scan.
Nmap scan report for 192.168.0.4
Host is up (0.0020s latency).
Scanned at 2012-08-31 10:40:10 BST for 0s
PORT STATE SERVICE VERSION
775/tcp filtered entomb
MAC Address: 00:22:FB:1C:50:64 (Intel Corporate)


Mam 775 (filtered)-Zawsze cos.

Hub