Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: NMAP scan of my real IP address

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    127.0.0.1
    Posts
    16

    Default NMAP scan of my real IP address

    Hi guys

    I can’t really figure this out, so I need some help, please. I’ve read the NMAP network scanning book and some tutorials on Nmap.

    My home LAN IP is 192.168.0.1 and using the 192.168.0.1/24 gets me the entire network etc.

    But now I want to test my Namp skills on my real IP address. (Gotten from What Is My IP Address? - Lookup IP, Hide IP, Change IP, Trace IP and more... )

    But when I scan my real IP address (eg. 123.456.789.0) then I only see my router, but not the rest of my network. (I have 7 devices on my LAN, via Wifi). Why not?

    Do this mean that if I secure my router good enough, I’m “home free” for the rest of the LAN? Because I can’t see :

    • Which devices are online
    • How many are online
    • Version detection
    • etc

    All the examples I have read about is regarding your own network, e.g. 192.168.0.1 or 10.0.0.1, which also works, because I running the scan within the network.

    Please help me clarify my confusion about this.

    Thanks
    //Linus

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default Re: NMAP scan of my real IP address

    Sounds like you need to read up on the following subject: NAT (Network Address Translation). If you have more questions after reading that then we can try to help.

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    127.0.0.1
    Posts
    16

    Default Re: NMAP scan of my real IP address

    Hi again

    Thanks for your replies.

    I've read more about NAT and Private vs. Public addresses.

    As I have understood, then a local network use one "private" IP address (e.g. 192.168.something), and each time I connect a device to my internal network, then I’ll get a new unique "private" IP address for that device.

    My router then have 1 "public" IP address for accessing the internet.

    So when one of my devices passes from my local network, it goes through the router and it's translated to my "public" IP address. It then gets the data back to the router and the router transfer it, to the correct device.

    I've tried to illustrate it like this:



    And that is why my "private" IP addresses, always only is shown as 1 "public" IP address, to the rest of the world.

    1) Is this correct?
    2) Unfortunately I haven't been able to figure out my original question. How can a NMAP scan see anything else but my router? (using the "public" IP address)?
    Last edited by Linus1907; 01-28-2010 at 02:10 PM.

  4. #4
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default Re: NMAP scan of my real IP address

    Last edited by Lincoln; 02-01-2010 at 11:01 AM.

  5. #5
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    1

    Default Re: NMAP scan of my real IP address

    public ip is something that people on internet will see as your ip address
    private ip is something that will be visible in your intranet and not on internet.
    you can see both the ip address here

  6. #6
    Member
    Join Date
    Jan 2010
    Posts
    332

    Default Re: NMAP scan of my real IP address

    You quoted on Lincoln's link to an article explaining the public and private addresses.
    I don't see the point.
    SecurityTube has two new sections. Questions & News

  7. #7
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default Re: NMAP scan of my real IP address

    Quote Originally Posted by tejji View Post
    public ip is something that people on internet will see as your ip address
    private ip is something that will be visible in your intranet and not on internet.
    you can see both the ip address here
    I was posting the link for the OP, I didn't bother to edit the link discription when I first posted it. Which is why I guess you thought it was a question I was asking.

    I went ahead and edited the post so it's more clear to anyone else who finds this thread.

  8. #8
    Member
    Join Date
    Jan 2010
    Posts
    332

    Default Re: NMAP scan of my real IP address

    Yes that is correct. Think of it this way. Your router is the border point of two networks (it exists on both your private LAN and the public internet / having one interface on each side). To scan a network you must be a part of that network. So scanning public addresses = scanning the network of networks (the whole internet), scanning private addresses = scanning your LAN.
    I hope this makes sense to you.
    Btw, some ISPs don't approve of you port scanning public addresses so be mindful of what you are doing.
    SecurityTube has two new sections. Questions & News

  9. #9
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    127.0.0.1
    Posts
    16

    Default Re: NMAP scan of my real IP address

    Thanks, #mfBaranian#

    So if you secure your router, then the rest of the private LAN is "home free".

    Said in another way : NMAP scans are useless, in the "real" world, as long as you have a router in front.

  10. #10
    Member
    Join Date
    Jan 2010
    Posts
    332

    Default Re: NMAP scan of my real IP address

    Quote Originally Posted by Linus1907 View Post
    Said in another way : NMAP scans are useless, in the "real" world, as long as you have a router in front.
    I wouldn't say they were useless. Someone could still scan your router, find vulnerabilities, exploit them, gain access to the router and pawn your network. There are numerous ways of achieving such a scenario (and nmap is an unavoidable tool for doing so). I just said that you cannot scan your network directly through the router using the public address.
    SecurityTube has two new sections. Questions & News

Page 1 of 2 12 LastLast

Similar Threads

  1. nmap stack smashing
    By RageLtMan in forum Beginners Forum
    Replies: 8
    Last Post: 01-29-2010, 06:18 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •