Tuesday, 10 September 2013

ACK port scanning with nmap

I just found out about a very useful feature of the famous open-source port scanner, nmap: the ACK scan (-sA). It comes in handy when I want to find out which ports are blocked by a firewall and which are not. At times you don't need to know whether a particular port is open or closed; you just want to know whether it is reachable through any firewall (a device or a software firewall) along the network path. When a port is unfiltered, the ACK packet reaches it: both open and closed ports return an RST packet. Filtered ports return nothing: the packet filter drops the scanner's probes, so nmap gets no response, cannot determine their status, and marks them as 'filtered'. Here is a good example, scanning my internet router to demonstrate.

[qmi@localhost: ~]$ sudo nmap -sA 192.168.0.1
[sudo] password for qmi: 

Starting Nmap 6.00 ( http://nmap.org ) at 2013-09-10 18:11 BST
Nmap scan report for virginrouter (192.168.0.1)
Host is up (0.0027s latency).
Not shown: 994 filtered ports
PORT     STATE      SERVICE
23/tcp   unfiltered telnet
80/tcp   unfiltered http
443/tcp  unfiltered https
1900/tcp unfiltered upnp
5000/tcp unfiltered upnp
8080/tcp unfiltered http-proxy
MAC Address: XX:XX:XX:YY:YY:YY (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 4.96 seconds

Look at the ports listed above as 'unfiltered'. That state means they are either open or closed. Another quick port scan reveals those ports' real status.

[qmi@localhost: ~]$ sudo nmap -F 192.168.0.1

Starting Nmap 6.00 ( http://nmap.org ) at 2013-09-10 18:21 BST
Nmap scan report for virginrouter (192.168.0.1)
Host is up (0.0050s latency).
Not shown: 94 filtered ports
PORT     STATE  SERVICE
23/tcp   closed telnet
80/tcp   open   http
443/tcp  closed https
1900/tcp closed upnp
5000/tcp open   upnp
8080/tcp closed http-proxy
MAC Address: XX:XX:XX:YY:YY:YY (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 1.69 seconds

So simple. Job done. 
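
The comparison done by eye above can be scripted. This is an added example, not code from the original post: it joins the port table of the -sA scan with the table of the second scan, using the rows copied from the two outputs above. The function names and the "review" flag (unfiltered but closed, read here as a rule that lets traffic through to a port with no listener) are assumptions of this example.

```python
import re

# A port-table row in nmap's normal output, e.g. "23/tcp   unfiltered telnet".
ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)$")

def parse_ports(nmap_output):
    """Map (port, proto) -> (state, service) for every port-table row."""
    ports = {}
    for line in nmap_output.splitlines():
        m = ROW.match(line.strip())
        if m:
            ports[(int(m.group(1)), m.group(2))] = (m.group(3), m.group(4))
    return ports

def correlate(ack_output, scan_output):
    """Join -sA filter states with the open/closed states of a second scan."""
    ack, scan = parse_ports(ack_output), parse_ports(scan_output)
    rows = []
    for (port, proto), (filt, service) in sorted(ack.items()):
        # A port may be absent from the second table (not scanned by -F,
        # or folded into its "Not shown" summary line).
        state = scan.get((port, proto), ("not listed", service))[0]
        rows.append({
            "port": port, "proto": proto, "service": service,
            "filter": filt, "state": state,
            # Assumption of this example: unfiltered + closed means the packet
            # filter passes traffic to a port with no listener.
            "review": filt == "unfiltered" and state == "closed",
        })
    return rows

# Port tables copied from the two scans in the post.
ACK_SCAN = """PORT     STATE      SERVICE
23/tcp   unfiltered telnet
80/tcp   unfiltered http
443/tcp  unfiltered https
1900/tcp unfiltered upnp
5000/tcp unfiltered upnp
8080/tcp unfiltered http-proxy"""
FAST_SCAN = """PORT     STATE  SERVICE
23/tcp   closed telnet
80/tcp   open   http
443/tcp  closed https
1900/tcp closed upnp
5000/tcp open   upnp
8080/tcp closed http-proxy"""

if __name__ == "__main__":
    for r in correlate(ACK_SCAN, FAST_SCAN):
        flag = "  <- review rule" if r["review"] else ""
        print(f'{r["port"]}/{r["proto"]:<4} {r["filter"]:<11}{r["state"]:<7}{r["service"]}{flag}')
```

For the router above, the flagged rows are the four ports that answer the ACK probe but have no service behind them.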
