Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: nmap and windows xp sp3 in virtualbox

  1. #1
    Just burned his ISO
    Join Date
    May 2010
    Posts
    24

    Default nmap and windows xp sp3 in virtualbox

    Hi boy, later the problem with virtualbox, now I have the problem with nmap scan. I have a virtual windows xp sp3 in virtualbox, and his ip address is 192.168.56.101. I try to scan with:

    nmap 192.168.56.101

    and I see that 1000 scanned ports are filtered... I proceed for grade to see the different response... I use:

    nmap -sT -v 192.168.56.101

    and response as similar as first response... I try:


    nmap -sS -v 192.168.56.101

    and response as similar as first again... I read the man and I now use:

    nmap -sA -T4 -F -v 192.168.56.101

    and I attended a different response, but I read the same solution, ports are filtered... I think that -sA -F change the response, but I wrong... Where is the problem? The problem is the host-only network of Virtualbox? Can I try another way??? If yes, which I try???


    Thank you...


    ps:my english is very bad, excuse me...

  2. #2
    Member whitelisted's Avatar
    Join Date
    Feb 2010
    Posts
    72

    Default Re: nmap and windows xp sp3 in virtualbox

    is Windows Firewall enabled?

  3. #3
    Just burned his ISO
    Join Date
    May 2010
    Posts
    24

    Default Re: nmap and windows xp sp3 in virtualbox

    Yes, windows firewall is enabled...

  4. #4
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by Mito125 View Post
    Yes, windows firewall is enabled...
    Its hard to tell from that response whether you realise the significance of the firewall being on, so, a follow up question.

    Is the firewall configured to allow access to particular ports or services?
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  5. #5
    Just burned his ISO
    Join Date
    May 2010
    Posts
    24

    Default Re: nmap and windows xp sp3 in virtualbox

    From nmap I not see particular access, all ports are filtered... If I use -sN, the ports are open|filtered... But I not see anyone service... If I stop windows firewall, I have 139 and 445 ports open with relative service, but this scene not is probable on real world... I would like to try real scene...

  6. #6
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: nmap and windows xp sp3 in virtualbox

    OK well in real life if someone has a firewall configured to block all incoming traffic you will get nmap results exactly like what you have already seen, so from the perspective of wanting to stay true to reality I guess you are successful.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  7. #7
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by Mito125 View Post
    I would like to try real scene...
    You are looking for a button that says "hack them!!!!". There is not one. You need to learn the basics of Networking, specifically TCP/IP, but if you learn how 802.1x works along the way, then that is good.

    In the meantime, you should stop setting yourself goals that you have no chance of reaching - if you do not understand how a technology works, do not turn it on.

    For example, if you don't know the differences between -sS, -sT and -sA when you are using them in nmap, you are doing something significantly wrong.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  8. #8
    Just burned his ISO
    Join Date
    May 2010
    Posts
    24

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by lupin View Post
    OK well in real life if someone has a firewall configured to block all incoming traffic you will get nmap results exactly like what you have already seen, so from the perspective of wanting to stay true to reality I guess you are successful.

    Can I try a different way?Can you indicate it? Only indicate, later I see alone...


    Quote Originally Posted by Gitsnik View Post
    For example, if you don't know the differences between -sS, -sT and -sA when you are using them in nmap, you are doing something significantly wrong.
    I use first -sT to standard scan, I use -sS to try it, and I use -sA because the doc write this:

    This scan is different than the others discussed so far in that it never determines open (or even open|filtered) ports. It is used to map out firewall rulesets, determining whether they are stateful or not and which ports are filtered.

    The ACK scan probe packet has only the ACK flag set (unless you use --scanflags). When scanning unfiltered systems, open and closed ports will both return a RST packet. Nmap then labels them as unfiltered, meaning that they are reachable by the ACK packet, but whether they are open or closed is undetermined. Ports that don't respond, or send certain ICMP error messages back (type 3, code 1, 2, 3, 9, 10, or 13), are labeled filtered.

    I try also -f option, but I have same response...

  9. #9
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by Mito125 View Post
    Can I try a different way?Can you indicate it? Only indicate, later I see alone...
    Your port scanner is giving you correct results. Its telling you the ports are filtered because they are - the firewall is filtering them. If you want to see open ports, the firewall cannot be blocking traffic to those ports. Its pretty simple really.

    You need to learn some TCP/IP basics because this is the sort of stuff you should know BEFORE you start doing port scanning.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  10. #10
    Just burned his ISO
    Join Date
    May 2010
    Posts
    24

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by lupin View Post
    If you want to see open ports, the firewall cannot be blocking traffic to those ports. Its pretty simple really.
    Can I conclude that when the firewall block connection I can not exploit the machine?


    Thank you all.

Page 1 of 2 12 LastLast

Similar Threads

  1. Virtualbox
    By Mito125 in forum Beginners Forum
    Replies: 10
    Last Post: 05-30-2010, 06:28 AM
  2. Cant add a 2nd NIC in VirtualBox
    By luizf in forum OLD Newbie Area
    Replies: 0
    Last Post: 01-31-2010, 12:02 AM
  3. BT in VirtualBox?
    By knickfan5745 in forum OLD Newbie Area
    Replies: 2
    Last Post: 07-22-2009, 01:38 PM
  4. BT3 under VirtualBox!
    By ioannou.alexandros in forum OLD BT3final Support
    Replies: 9
    Last Post: 12-15-2008, 09:13 AM
  5. Virtualbox
    By Shadowlurker in forum OLD BT3beta Software related issues
    Replies: 8
    Last Post: 04-20-2008, 11:51 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •