Nmap stops on windows server

[jabbajabba]

There is this web server - It uses ASP so it must be a windows server. It is impossible for me to portscan it with nmap. Every time nmap stops at some point... I have tried every option. It doesn't reply ICMP echo requests. Its probably using a firewall. Any idea which firewall it is or how I can get some results from nmap ?
Thanks for any help

[Tiger Shark]

This server doesn't really sound like it is yours to be scanning with NMap the way you have phrased this. You have to also understand that packets emanating from NMap are usually quite recognizable thus it could be blocked/dropped/reset by any number of applicatons or devices.

My best advice to you is to call the admin of the server and ask him what OS/version/web server/patch level/open ports/firewall and workable exploits he uses/allows and see what he says. It might be quicker that way........

[slarty]

Originally posted here by jabbajabba
[B]There is this web server - It uses ASP so it must be a windows server.

A flawed assumption, but i'll let you continue.

It is impossible for me to portscan it with nmap. Every time nmap stops at some point... I have tried every option...

Are you sure you're being patient enough?

Why not ask the sysadmin what the network configuration is? I'm sure they would oblige if you have a legitimate reason for scanning it.

If you're doing pen testing, then it might make you look a bit silly though

Slarty

[x acidreign x]

it's relatively easy to block all icmp packet requests, there are other methods of scanning, though, look up port scanning, that is another method of finding live hosts. by scanning for common ports on every potential address, you can accurately determine which hosts are alive.

[forn28]

Tarpit can mess with ports scanning... And some configuration on firewall can slow your ports scanning to a craw. Be patient, that can be a very slow process. If you want to know what is happening, sniff with tcpdump what nmap do.

[jabbajabba]

Thanks for the replies.. I left my ego and asked the sysadmin who is a friend- he didnt tell me the firewall he was using (gave me some time to guess) but told me it specifically blocked connections and packets from nmap (didnt tell me how it did that either) .
Thanks

BTW slarty, I know there are a couple of ASP implementations on Linux including a perl module but are they as good as the one on windows ? I mean they cant do the .net things.

[prodikal]

If you are doing pen testing a open port doesent mean there is an exploitable service running on it you should leave the port scan and start focusing on web apps here is a good link to Web Application security if it doesent satify you're apetite pick a subject from there and focus on it most stuff isnt hard to learn. Also if you are on linux fireup tcpdump when you're scanning see what's going on with the packets there is also windump for windows

[wassup]

apache has mod asp, but it isnt as well supported as on IIS, have u tried using http banner grabber from www.gimpcode.com?