From: James Riden (j.riden@massey.ac.nz)
Date: Tue Aug 09 2005 - 21:35:39 EDT
Aleph One <al3ph.one@gmail.com> writes:
> Hi all,
> I faced a problem running two tools producing totally different results.
> What i did is described as ...I ran nmap on a IP with these parameters
> : syn scan,dont ping,very verbose ,aggressive scan..it showed ports 80
> n 1723 filtered.I ran this scan from Linux box.
> Same time ,i used netwag to scansame ip which showed these ports open.
>
> What can be the problem..??please help.
Run tcpdump and see what the packets going out and coming back
are. You can soon see which is reporting correctly. FWIW, my money is
on nmap being correct. Have a look at the nmap manpage to see what it
terms 'filtered'.
PS. You may want to change your handle. Someone else called "Aleph
One" used to moderate bugtraq, amongst other things, and people will
get confused.
-- James Riden / j.riden@massey.ac.nz / Systems Security Engineer GPG public key available at: http://www.massey.ac.nz/~jriden/ This post does not necessarily represent the views of my employer. ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:43 EDT