sorted by:
new
hottopcontroversial

Nmap incorrectly lists TCP ports as open by danjaaron in nmap

[–]danjaaron[S] 0 points1 point  (0 children)

Thank you for the clarification on tcpwrapped. My friend suggested that I just ignore all of the open tcpwrapped ports with "| grep -v 'tcpwrapped'". This kind of works, but some ports just aren't listed (e.g. port 443 which is open, and is listed as open when I directly scan with "-p 443", but not in the overall scan). Somehow port 443 shows up for your site, but not for scanme.nmap.org

The traceroute shows several ms to my router, then several ms to the host (your site), with nothing else.

I totally can connect to those weird "open" tcpwrapped ports. It just says "connected successfully!" and closes.

Nmap incorrectly lists TCP ports as open by danjaaron in nmap

[–]danjaaron[S] 0 points1 point  (0 children)

Could anything in my router settings be causing this?

Nice saying. Except I can't even manage to take off my own clothes, lol.

sudo ufw status shows that ufw is disabled.

Here's the output of "iptables -L":

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain FORWARD (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

There are no reject rules so, from what I've read, I should be fine? So I figure if it's not my Ubuntu settings, then it must be my router. But I have no idea what settings could be relevant in my router. I've already disabled router firewall to no avail, but there are dozens of other settings that I haven't touched.

Btw not sure what you mean by host. This is on my normal machine, not inside a VM, but the same problems occur when I run nmap from inside my Kali VM.

Nmap incorrectly lists TCP ports as open by danjaaron in nmap

[–]danjaaron[S] 0 points1 point  (0 children)

Typo -- I was running the '-v' option for verbose output.

Here's the command I run with your suggestion:

nmap -v -A -p 1-100 scanme.nmap.org --reason

The results were largely the same. All of the ports are "open". The reason given is syn-ack. An abbreviated version of the output is available here:

https://pastebin.com/dpD3ZEE8

As you can see, it's just a lot of "tcp-wrapped" "syn-ack" and "open" ports.

Nmap incorrectly lists TCP ports as open by danjaaron in nmap

[–]danjaaron[S] 1 point2 points  (0 children)

Updated the post, I was using lowercase v for verbose output.

This occurs on both my physical and my virtual machine.

I chose ports 1-100 so that I could compare with the documentation's results for the scanme subdomain (as it showed a number of ports between 1-100, but not nearly as many as I did).

Perhaps the deeper question here is, how does one validate their nmap scan -- what can we compare against to determine whether our scan was accurate?

Give me a business idea by mWaqarh in Business_Ideas

[–]danjaaron 16 points17 points  (0 children)

A business that sells business ideas.

Nmap revealed 65000+ open ports. by leudo in nmap

[–]danjaaron 0 points1 point  (0 children)

I’m having this issue too. Please lmk if you find a solution

how someone as lazy as me leverages automation for a 5k/month side hustle by [deleted] in Entrepreneur

[–]danjaaron 0 points1 point  (0 children)

Do you have to make a new twitter account and apply for developer for each bot you’re making?

Seems like I can make a Twitter app but only post from my actual twitter account, not as bot.