
nmap questions

Status
Not open for further replies.

quicktime1

Technical User
Oct 28, 2002
I am using nmap for windoze to do some security checking on my network... however, I always get "host seems down" errors even on machines I know to be working... any ideas? I'm fairly new at this and just learning. Thanks in advance for any help.

jn5
 
Most targets always have ICMP blocked. If you're running nmap against these, then run it with the -sS (TCP Stealth scan) and the -P0 (don't ping) switches. If you don't run the -P0, then the host will be down every time.
I've never run nmap under windows, so the commands may be different (I doubt it though).

Are you running the scan from inside the network, or over the internet? If it's over the internet, then the above suggestion should work. If you're on the LAN and scanning, try scanning a simple workstation that is not protected by the firewall.

When doing security scans, it's always best to run a test from inside and outside. That way you see what ports are open on the server (from scanning from the inside) and then see what ports the firewall is blocking (from scanning outside).

Another great scanning tool is . Check it out. I'm not sure if there's a windows client though.

Hope this helps!
 
quicktime1,

SgtB is correct in that most of the "host down" responses are due to ICMP being blocked and that the -P0 switch will disable ping and scan a host anyway. The Windows version of NMAP is exactly the same as the *nix version, except for the command. Beware that this will take a LONG time to complete the scan because each scan of each port will have to time out for each of the hosts that really don't exist.

You can also use the TCP Ping, but you would have to choose a port that will be open on all of your target boxes, like 135 - 139 if you are a Windows shop.

Nessus does make a Windows Client, but the server must be a *nix box. You can download Mandrake Linux's Lin4Win and install Linux as Windows files, so you don't have to repartition your drive if you want to play around with *nix and Nessus.

Another potential issue is your privileges on the Windows box. You need privileges to create RAW sockets on the computer that you are running NMAP on. I've never tried from any account other than Administrator, but it is possible that a normal user would not be able to open the RAW socket and would need to run a TCP Connect scan instead.

Good luck!

pansophic
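
The TCP ping idea from the reply above, as an added Python example that is not part of the original thread: it uses an ordinary connect() call, so it needs no RAW socket privileges, and it treats both an accepted and a refused connection as proof the host is alive even when ICMP is blocked. The names `tcp_ping` and `host_is_up` are hypothetical, and the demo target is a constructed listener on 127.0.0.1.

```python
import socket


def tcp_ping(host, port, timeout=2.0):
    """Classify a host from one unprivileged TCP connect() attempt.

    "up-open"     - handshake completed, a service is listening
    "up-closed"   - the host answered with a reset, so it is alive
    "no-response" - timeout or unreachable: host down, or a firewall
                    silently dropped the probe
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "up-open"
    except ConnectionRefusedError:
        return "up-closed"
    except OSError:  # covers timeouts and "no route to host"
        return "no-response"


def host_is_up(host, ports=(135, 139), timeout=2.0):
    """Return True as soon as any probed port gives an answer.

    The default ports are the Windows ones mentioned in the thread;
    pick ports you expect to be reachable on your own machines.
    """
    return any(tcp_ping(host, p, timeout) != "no-response" for p in ports)


if __name__ == "__main__":
    # Constructed demo: a throwaway listener on the loopback interface.
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    print(port, tcp_ping("127.0.0.1", port))  # listener present
    srv.close()
    print(port, tcp_ping("127.0.0.1", port))  # listener gone, host still answers
```

A "no-response" result does not prove the machine is off: a firewall that drops packets to the probed port looks identical, which is why the probe port should be one that is reachable on the hosts being checked.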
 