nmap showing all ports open
Results 1 to 8 of 8

Thread: nmap showing all ports open

  1. #1
    Junior Member
    Join Date
    Sep 2005
    Posts
    8

    Exclamation nmap showing all ports open

    When I scan any host on the internet its showing all ports that it scans in the open state? But i can scan a host on my personel network and it works just fine(showing only the ports that should be open)? Has anybody had this problem before? could it be my ISP's problem? The funny thing is, no matter which host i scan ((across the internet)) its shows ALL the ports and services open and running.
    ***********************************************************
    i dont know help me

  2. #2
    Member
    Join Date
    Feb 2006
    Posts
    33

    Re: nmap showing all ports open

    Originally posted here by kopter
    When I scan any host on the internet its showing all ports that it scans in the open state? But i can scan a host on my personel network and it works just fine(showing only the ports that should be open)? Has anybody had this problem before? could it be my ISP's problem? The funny thing is, no matter which host i scan ((across the internet)) its shows ALL the ports and services open and running.
    Well i guess you should just stick to scanning: "hosts on your personal network"
    instead of scanning any host on the internet.

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    It's a known fact that NMAP does not play nice with SOHO routers. If you're scanning from behind one, this may explain your issue. Be happy that your router hasn't locked up as this is another side effect of attempting to scan internet hosts from behind a SOHO router.

    Why does this happen? Think about the NAT capabilities of your lil router and the answer will be very apparent.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    Junior Member
    Join Date
    Sep 2005
    Posts
    8
    im sorry i didnt specify YOUNGNOBODY Im scanning my own network across the internet for vulnerabilities...... pen-testing if you will.
    ***********************************************************
    i dont know help me

  5. #5
    Junior Member
    Join Date
    Sep 2005
    Posts
    8
    Horse13....Yes i have had my router lock up on me quite a few times and i culd never figure out why! thank you i am much obliged. now im on to google to understand NAT as well as SOHO routers
    ***********************************************************
    i dont know help me

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    kopter: The SOHO routers have a very limited amount of memory and processing power. It is very difficult for the routers to keep up with the nat translations.

    You'd be far better off with an ipcop box on some older hardware. Or, unplug your router and plug your machine directly into the connection. (if you have that option).

    If you've ever had a couple of torrents going, or any p2p for that matter... the soho routers lock up big time. Try to implement some sort of ACLs or QoS on them and it just gets worse... they have more work to do with fewer resources.

    I've had big issues in the past with linksys, netgear, etc. All the small office home office routers seem to have this issue. I've use a better quality router for a while now. If you have the extra cash, look at picking yourself up a better quality router. (Cisco 800 series are my favorite for SOHO.)

    If you don't have that kind of $ to dish out, dig up an older PII or PIII and throw 256megs of memory in it, two NICs and configure IPCOP. It'll run circles around any linksys or netgear "consumer" or "SOHO" "router".
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #7
    Junior Member
    Join Date
    Sep 2005
    Posts
    8
    Thanks everybody!! I went ahead and changed out routers, cloned the MAC my ISP had and my scans are going great find now! My next move is to put IPcop on this old PII ive got and see how that works

    On another note. Is there any way to disable NAT trasnlations on a router?

    The router i was using was a wrt54g so would it help to get some GPL firmware and use it? Or is it all in the hardware?
    ***********************************************************
    i dont know help me

  8. #8
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    kopter: You can't really disable NAT unless you have multiple IPs assigned to you by your ISP. Read up on what NAT is and how it works. After you know how it works, you'll understand why you can't turn it off while sharing one public ip with all the computers on your network.

    I have a wrt54g with the sveasoft firmware on it. You can download it for free @ http://wrt54g.thermoman.de/ I think you want freeman 1.0.4 .That firmware gives you a lot more features but it does nothing for the physical hardware. It is still very easy to overload the wrt54g with the GPL'd firmware. (Though, sveasoft isn't 100% GPL anymore, I don't think.)

    I have a Cisco 831 as my border device. It has plenty of resources for what you're trying to do. But, it is more costly than an IPCOP box. I only use the linksys for wifi access on a second subnet for my laptops and PDA's.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •