Questions tagged [nmap]
A robust and open source security tool for network discovery and security auditing.
41
questions with no upvoted or accepted answers
4
votes
0
answers
576
views
Preventing Dionaea Service Identification
I've been working on trying to prevent Dionaea service identification using articles such as this. I've managed to disguise most of the ports that dionaea utilizes. However, when scanning with nmap, ...
3
votes
0
answers
959
views
What reason would you use the decoy scan option for Nmap?
I'm confused as to why you would use the -D option for Nmap. Is there any 'white hat' reason for using it? Or is it used particularly for malicious purposes?
2
votes
0
answers
2k
views
Check for allowed OpenVPN SSL/TLS cipher suites from the client-side
I would like to check cipher suites that the OpenVPN server accepts. I used nmap:
nmap -sU --script ssl-enum-ciphers -p 1194 <IP>
but the results are only:
Host is up (0.0033s latency).
PORT ...
2
votes
0
answers
140
views
How to evaluate a responsive but unknown network protocol?
I am studying CREST CPSA where the syllabus is listed here.
There is a part of the syllabus which states I should know the Evaluation of responsive but unknown network applications.
I find this ...
2
votes
0
answers
1k
views
Windows XP SP3 2002 is not vulnerable to MS08-067
Why is my VM not vulnerable to MS08-067?
There are similar question on stack exchange, yes, but they fail to specify all relevant information and so non receive a meaningful, thoughtful nor thorough ...
2
votes
1
answer
276
views
does Nmap automatically use proxychains if configured?
I have configured my proxy chains in /etc/proxychains.conf. Then when just run nmap or even nc without the proxychains prefix, it automatically uses the proxy chains and routes the traffic through the ...
2
votes
0
answers
264
views
WPA2-Enterprise - unable to find a way around Lanner Electronics
I have currently been working in an environment where I am connected to a WPA2-Enterprise network requiring me to enter my username and password for the network whenever I connect. I have been asked ...
1
vote
0
answers
3k
views
SSLLabs' SSLTest vs. nmap ssl-enum-ciphers
Recently I conducted a SSL server test to assess the SSL configuration of my server. While the overall grade A+ was pretty good, it was found that the server supports several cipher suites that are ...
1
vote
0
answers
483
views
Unable to ping scan my machine (but I can ping)
I need to perform an nmap scan on all of the (responding) IPs in an array of VLANs.
The command is nested in a PowerShell for loop and looks something like this:
nmap.exe -Pn -T4 -A -oG [FILE].txt -oX ...
1
vote
0
answers
553
views
Is there an updated (non-Nmap) top 100 or top 1000 common ports list?
I know Nmap has nmap-services file which gives us the list of top 1000 ports/services found on the Internet. But this list seems to be outdated, as the Nmap top 1000 list doesn't include several ...
1
vote
0
answers
497
views
Inbound rules for a port is configured and disabled yet an NMap scan shows that the port is opened
I am new to Windows Defender but have read about it to understand the basics of Inbound/Outbound rules.
As mentioned on the app, Inbound connections that do not match a rule are simply blocked.
For ...
1
vote
0
answers
432
views
Why ever "trust" Nmap's reverse lookup for system hostname when doing host discovery?
Quick question. I was scanning a lab network with Nmap just doing host discovery to see what hosts were out there. I got a list of hosts, ips, hostnames, ports open, services, etc. Upon further ...
1
vote
0
answers
6k
views
Nmap only detect virtual hosts and not physical hosts (maybe segmented network)
When my network settings is set to NAT and interface is eth0, this is the output of a simple nmap scan
root@pc:~# nmap 192.168.0.0/24
Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-04 18:47 EST
...
1
vote
0
answers
927
views
LOTs of filtered ports on my server
I'm setting up a dedicated server (4 days uptime, not in production yet).
I'm a coder, not a sysadmin or a security expert so bear with me.
I just tried to portscan it with nmap -p- -T5 -Pn -sV -v to ...
1
vote
0
answers
1k
views
Open Ports (WAN side) on Netgear R7000 Router using nmap
An nmap scan (WAN side) on my Netgear R7000 router indicates that there are two ports open: 80/tcp (http) and 1720/tcp (h323q931). My method to perform a WAN side scan on the router is to access the ...