is Windows Firewall enabled?
Hi boy, later the problem with virtualbox, now I have the problem with nmap scan. I have a virtual windows xp sp3 in virtualbox, and his ip address is 192.168.56.101. I try to scan with:
and I see that 1000 scanned ports are filtered... I proceed for grade to see the different response... I use:
nmap -sT -v 192.168.56.101
and response as similar as first response... I try:
nmap -sS -v 192.168.56.101
and response as similar as first again... I read the man and I now use:
nmap -sA -T4 -F -v 192.168.56.101
and I attended a different response, but I read the same solution, ports are filtered... I think that -sA -F change the response, but I wrong... Where is the problem? The problem is the host-only network of Virtualbox? Can I try another way??? If yes, which I try???
ps:my english is very bad, excuse me...
is Windows Firewall enabled?
Yes, windows firewall is enabled...
From nmap I not see particular access, all ports are filtered... If I use -sN, the ports are open|filtered... But I not see anyone service... If I stop windows firewall, I have 139 and 445 ports open with relative service, but this scene not is probable on real world... I would like to try real scene...
OK well in real life if someone has a firewall configured to block all incoming traffic you will get nmap results exactly like what you have already seen, so from the perspective of wanting to stay true to reality I guess you are successful.
In the meantime, you should stop setting yourself goals that you have no chance of reaching - if you do not understand how a technology works, do not turn it on.
For example, if you don't know the differences between -sS, -sT and -sA when you are using them in nmap, you are doing something significantly wrong.
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
Can I try a different way?Can you indicate it? Only indicate, later I see alone...
This scan is different than the others discussed so far in that it never determines open (or even open|filtered) ports. It is used to map out firewall rulesets, determining whether they are stateful or not and which ports are filtered.
The ACK scan probe packet has only the ACK flag set (unless you use --scanflags). When scanning unfiltered systems, open and closed ports will both return a RST packet. Nmap then labels them as unfiltered, meaning that they are reachable by the ACK packet, but whether they are open or closed is undetermined. Ports that don't respond, or send certain ICMP error messages back (type 3, code 1, 2, 3, 9, 10, or 13), are labeled filtered.
I try also -f option, but I have same response...
You need to learn some TCP/IP basics because this is the sort of stuff you should know BEFORE you start doing port scanning.