Questions tagged [nmap]
A robust and open source security tool for network discovery and security auditing.
534
questions
1
vote
1
answer
293
views
nmap: no exact OS matches when adding the exact signature to nmap-os-db
I'm currently trying to learn Nmap -O (OS guess feature).
I'm launching the following command: nmap -O 172.17.0.3
This command is generating the following fingerprint as output:
No exact OS ...
- 11
3
votes
2
answers
3k
views
nmap doesn't give service versions using -sV
Running the command
nmap -sV -T4 -A x.x.x.x
results in
5901/tcp open ssl/vnc-1?
|_ssl-date: TLS randomness does not represent time
| fingerprint-strings:
| GetRequest:
| HTTP/1.1 503 ...
- 33
0
votes
1
answer
397
views
Is there a way to identify whether "filtered" state in nmap output caused by a network or host-based firewall?
Is there a way to identify whether "filtered" state for a specific port in nmap output is caused by a network firewall or host-based firewall?
- 180
2
votes
1
answer
904
views
How do I find subnets on the network in order to scan them for hosts?
I'm new to Security and I'm doing INE's Penetration Testing Student Learning path. In the current lab, (Find the Secret Server) we have this setup:
The exercise focuses on adding an entry to the ...
- 121
2
votes
1
answer
2k
views
How to remotely check if SSL 3.0 is enabled on server?
I would like to remotely verify whether SSL 3.0 is running on several servers.
Previously, this command:
openssl s_client -connect example.com:443 -ssl3
Would have worked but now I am getting the ...
- 23
0
votes
0
answers
2k
views
Scan for open ports on subdomain
I am curently scanning for open ports on a subdomain. Say I have example.com and subdomain.example.com, but this subdomain can only be reached at port 8443. How can I scan for other potential open ...
- 1
1
vote
1
answer
705
views
How to confirm what service is running on a port identified by nmap?
Probing with nmap returns BlackICE on a couple of ports however it seems to be a really old tool according to these manuals.
Starting Nmap 7.80 ( https://nmap.org ) at 2022-10-16 20:27 EDT
Nmap scan ...
- 141
1
vote
1
answer
363
views
How can I port scan my p2p device?
I have a device and I am trying to port scan it. I did the basic
nmap -A -p0- 192.168.0.x
but I am just getting
0/tcp filtered unknown
so I don't think it is working. The device works on p2p so I am ...
1
vote
1
answer
254
views
Prevent Discovery of Port from NMAP scan using -Pn
Is there a way to prevent a port from being discovered by nmap? I found that port 1433 is still being flagged as "open" when using the following command:
nmap <ip_add> -Pn -p1433
or
...
- 11
0
votes
1
answer
3k
views
Why did Nmap not yield results when scanning a friend's public IP address? [duplicate]
I am trying to learn more about Nmap but it seems like it can only really give any information if you're actually connected to the network you're scanning on. For example, a friend and I gave each ...
- 13
0
votes
1
answer
223
views
What is the version of the scanned OS?
I've scanned a target with metasploit scanner/smb/smb_version and nmap -O.
smb_version: Windows 2016 Standard (build:14393)
Nmap: Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows
What is ...
0
votes
0
answers
109
views
Does fragrouter work with OpenVPN?
My goal is to evade IDS/IPS detection and scan the target with nmap. If the scan is detected, the target seems to stop responding for 10s. I think that IP Fragmentation Attack is exactly what I need.
...
- 11
1
vote
0
answers
3k
views
SSLLabs' SSLTest vs. nmap ssl-enum-ciphers
Recently I conducted a SSL server test to assess the SSL configuration of my server. While the overall grade A+ was pretty good, it was found that the server supports several cipher suites that are ...
- 121
0
votes
1
answer
537
views
Nmap reports an open port as closed
I'm running an OpenVPN server and can use it normally; I know for a fact that the port is open. Running an Nmap scan on port 1194 (the one I'm using) says it is closed. What could be causing this ...
- 74
1
vote
1
answer
209
views
The server acts as a database server , but there is no open port regarding that why?
I've taken a pen-testing course and for the final certificate, I have to analyze a server and make a report regarding the vulnerabilities.
The server does multiple functionalities, It acts as a web ...
- 41