-
July 4th, 2005, 05:23 AM
#1
nmap oddity
Can someone explain to me how the -T parameter makes any difference when scanning one port? In this case, -T1 reveals a port where -T5 doesn't.
C:\Documents and Settings\soda>nmap xxxxxx -P0 -T1 -p 4531
Starting nmap 3.81 ( http://www.insecure.org/nmap ) at 2005-07-04 11:13 Central
Daylight Time
Interesting ports on xxxx (xxxx):
PORT STATE SERVICE
4531/tcp open unknown
Nmap finished: 1 IP address (1 host up) scanned in 15.875 seconds
C:\Documents and Settings\soda>nmap xxxxxx -P0 -T5 -p 4531
Starting nmap 3.81 ( http://www.insecure.org/nmap ) at 2005-07-04 11:13 Central
Daylight Time
Interesting ports on xxxxxx (xxxxx):
PORT STATE SERVICE
4531/tcp filtered unknown
Nmap finished: 1 IP address (1 host up) scanned in 0.953 seconds
C:\Documents and Settings\soda>
I'm scanning an Astaro distro, IPtables firewall I believe. The open port is a webadmin interface. I've always believed the -T option spread the scan over a period of time. The SYN should be a single packet, it wouldn't really be changed in any way by -T, right? The rate of SYN's being sent out should be changed, which is what I thought (making this confusing)
15 seconds versus .9 seconds to send out one packet makes a difference?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|