nmap returns all ports closed/filtered, but firewall is off
I am a newbie to the computer security world though i do have some basic linux skills. I just installed backtrack 5.3 (VMware virtual machine using virtual box). my physical machine is a a macbook (mac os 10.8.2) I'm trying to run ports scans of the machines on my local network using nmap. Specifically i am trying port scan my own machine using something like:
nmap -sT -A -T4 -v 10.0.1.12.
I turned off the firewall on the mac, so I would expect to see ports open. However, nmap keeps returning that all ports are filtered:
starting Nmap 6.01 ( http:// nmap.org ) at 2013-03-14 22:29 EDT
Initiating Parallel DNS resolution of 1 host. at 22:29
Completed Parallel DNS resolution of 1 host. at 22:29, 0.01s elapsed
Initiating Connect Scan at 22:29
Scanning 10.0.1.12 [1000 ports]
Completed Connect Scan at 22:29, 2.94s elapsed (1000 total ports)
Nmap scan report for 10.0.1.12
Host is up (0.0016s latency).
All 1000 scanned ports on 10.0.1.12 are filtered
Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 21.15 seconds
Raw packets sent: 4 (152B) | Rcvd: 1 (40B)
I don't understand what this means. Should ports not be opened if the firewall is turned off? Also I am not sure how the router plays into this. I am on one physical machine, but back track is on a virtual machine (with ifconfig reporting ip 10.0.2.15). Just in case i tried opening a few ports on the router, that did not change the nmap results.
any help understanding this is much appreciated.
Re: nmap returns all ports closed/filtered, but firewall is off
First, sT is a default, so no need to state it, just do:
nmap -A -T4 -v 10.0.1.12
Try this: nmap -A -T5 -p- -PN 10.0.1.12
It will scan not only the 1024 ports and some high ports listed in the nmap-services file. You better describe all ports or range:
-p- all 65535 ports (Including port 0)
-p 1-65535 scan ports from 1-65535..You might have a TCP service listening at any high ports.
PN or P0 = no ping (I use PN). Some Firewalls might have blocked the ping, even a router, so avoid it. It is used to discover live machines in a LAN, if not specified, nmap will search the whole lan for LIVE devices.