Sometimes I receive some odd, or inconsistent port scan results. Consider the two following excerpts, copied from my command shell:
user@host:~$ nmap 10.1.1.0/24
Starting Nmap 6.47 ( http://nmap.org ) at 2015-10-15 13:47 AWST
Nmap scan report for (10.1.1.1)
Host is up (0.0073s latency).
Not shown: 979 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
80/tcp open http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
500/tcp filtered isakmp
720/tcp filtered unknown
1097/tcp filtered sunclustermgr
1218/tcp filtered aeroflight-ads
2191/tcp filtered tvbus
3000/tcp filtered ppp
3013/tcp filtered gilatskysurfer
3283/tcp filtered netassistant
5001/tcp filtered commplex-link
5431/tcp open park-agent
7741/tcp filtered scriptview
8000/tcp open http-alt
8008/tcp filtered http
49176/tcp filtered unknown
55555/tcp filtered unknown
Less than ten minutes after the first scan started:
user@host:~$ nmap 10.1.1.0/24
Starting Nmap 6.47 ( http://nmap.org ) at 2015-10-15 13:56 AWST
Nmap scan report for (10.1.1.1)
Host is up (0.0081s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
80/tcp open http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
5431/tcp open park-agent
8000/tcp open http-alt
I haven't done anything in between scans and don't understand what would cause the results to differ. Most of these extra services are unknown to me, so I can only speculate that these results are being shown in error; raising more questions. This is a frequent occurrence. What is likely to be the cause of this?
Thanks in advance.