Re: Port Scanning Issues

From: Vijay (zion.den@gmail.com)
Date: Tue Jun 26 2007 - 04:24:48 EDT


Hi Chaidre,

You could use the Connect scan option in nmap to get a more reliable
scan. Saying that, I just realized that there are firewalls/load balancers
that will respond with a SYN-ACK for every port; in that case I would
say only when you send a data part of the connection after the ACK will
you know if the port is really open. (People, correct me if I am wrong.)
Hope it was of some help.

Regards
Vijay

crumdub12@gmail.com wrote:
> A Chairde,
>
>
> Having some issues with scanning stacks on my system.
>
>
> 1. Using Superscan4, I scan stack UDP-TCP 1-65534. Sometimes I get no ports open, another time I get 49159 UDP ports open, only get port report, no attempt made to open any ports ... When I get open ports, I always get 49159 UDP ports ...... I use the scanner at 250msecs; it takes around 16 hours to finish.
>
>
> 2. Using Languard, Nessus and Retina, I get different scans from each tool. Any ideas why? How do I find out the real ports open? Differences can be 10,000 ports.
>
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
>
>
>

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:54 EDT
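
The point in the reply above, that a completed handshake alone does not prove a port is open when a firewall or load balancer answers SYN-ACK for every port, as an added example that is not part of the original message. The names `classify_port`, `start_listener` and `free_port` are hypothetical, and the listeners are constructed local fixtures so the check runs offline against 127.0.0.1.

```python
import socket
import threading


def classify_port(host, port, probe=b"\r\n", timeout=1.0):
    """Return 'closed', 'unconfirmed' (handshake only) or 'confirmed' (data came back)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:  # refused, unreachable or timed out: no handshake at all
        return "closed"
    with sock:
        sock.settimeout(timeout)
        try:
            sock.sendall(probe)  # the "data part" sent after the ACK
            # Application bytes in response mean something is really listening.
            return "confirmed" if sock.recv(256) else "unconfirmed"
        except OSError:  # silence or reset after the handshake
            return "unconfirmed"


def start_listener(reply):
    """Constructed fixture: accept one connection, send `reply` only if non-empty.

    An empty reply imitates a device that completes the handshake on every
    port but has no service behind it.
    """
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.recv(256)  # wait for the client's probe
            if reply:
                conn.sendall(reply)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def free_port():
    """Constructed fixture: a local port number with nothing bound to it."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    print(classify_port("127.0.0.1", start_listener(b"220 demo ready\r\n")))
    print(classify_port("127.0.0.1", start_listener(b"")))
    print(classify_port("127.0.0.1", free_port()))
```

A real service that stays silent until it sees a protocol-specific request also lands in `unconfirmed`, so that result means "needs a proper service probe", not "closed".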