Results 1 to 9 of 9
Thread: NMAP - strange output :S
-
05-30-2005, 11:50 AM #1Junior Guru Wannabe
- Join Date
- May 2004
- Posts
- 45
NMAP - strange output :S
hi everyone;
I have a problem with this command, It is showing a strange output where all ports are closed
[root@server root]# nmap -p 1-65535 localhost
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
All 65535 scanned ports on server (127.0.0.1) are: closed
Nmap run completed -- 1 IP address (1 host up) scanned in 52 seconds
As you can see this is impossible cause' I'm connected to ssh and apache is running to...
If I run "nmap" to look in a particular port as 80, it shows:
[root@server root]# nmap -p 80 localhost
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on server (127.0.0.1):
Port State Service
Unable to find nmap-services! Resorting to /etc/services
80/tcp open http
Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
This sistem is running "Fedora Core release 2 (Tettnang)" with all last updates installed. I run rkhunter to see if binary is corrupted, but its not...
Any idea?
Thanks for your help;
Luciano Tourreilles.
-
05-30-2005, 11:55 AM #2Junior Guru Wannabe
- Join Date
- May 2005
- Posts
- 67
Have you run nmap replacing localhost with your IP address? Are you are a VPS box by chance? Just a thought.
-
05-30-2005, 12:18 PM #3Junior Guru Wannabe
- Join Date
- May 2004
- Posts
- 45
hi debrown3rd;
Yes I did, I replaced "localhost" for the public IP, and it still shows the same output. This is a plain host without CPs, only apache and sendmail running.
Thanks for you response;
Luciano.
-
05-30-2005, 12:30 PM #4Web Hosting Master
- Join Date
- Aug 2002
- Location
- here
- Posts
- 1,566
try
nmap localhost
then from another box
nmap yourip#onotherboxDave
-
05-30-2005, 02:22 PM #5Junior Guru Wannabe
- Join Date
- May 2004
- Posts
- 45
I need to run the nmap locally to add its output to daily reports. I'm using portsentry to avoid external maps, so I need to run it locally
Thanks for your help;
Lucho.
-
05-30-2005, 02:24 PM #6Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
why not just do netstat -lntpe / netstat -lnupe. You mentioned portsentry which leaves me to belive its checking on the localhost aswell.
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
05-30-2005, 02:40 PM #7Junior Guru Wannabe
- Join Date
- May 2004
- Posts
- 45
portsentry is configured to ignore local interfases...by the way, stopping portsentry daemon didnt work
I tried reinstalling nmap RPM, copying the binary from another server where it work properly, and nothing still showing the same..
Regards;
Luciano
-
05-30-2005, 02:50 PM #8Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
are you using any iptables rules?
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
05-30-2005, 03:20 PM #9Junior Guru Wannabe
- Join Date
- May 2004
- Posts
- 45
Yes thelinuxguy, you were right !! There was the problem, I need to tune the "synflooding" statement now, to let nmap explore all ports properly.
Thank you very much for your help!
Luciano.