The Hacker Project - a free online game

July 13, 2020, 12:57:35 PM
Welcome, Guest. Please login or register.

Login with username, password and session length











Down with the mega-corporations!
Pages: [1]
Print
Author Topic: Nmap scanner  (Read 3260 times)
jager
Sr. Member
****
Posts: 284



View Profile WWW Email
« on: December 17, 2008, 07:34:57 PM »

What's the deal with the nmap scanner.

You scan one gateway with nmap scanner v0.12 and in 12 minutes it returns results - usually saying that the protection is higher, hardware is blabla etc etc ...
Then you scan the same gateway with nmap scanner v3.0 and in 5 hours (!) returns THE SAME result, of course because the protection is higher then scanner.

So in both tries you get hidden protection and visible hardware.

My question - why bother with higher scanner if you get the same result with 0.1 nmap scanner in 12 minutes?

And usually you also get the level of protection as that is in most cases the highest version of software on gateway ...

lpJ.
Logged
Xirad
Jr. Member
**
Posts: 80



View Profile
« Reply #1 on: December 17, 2008, 08:34:34 PM »

Because you hope that their protection is lower than the 3.0 scanner... and if not... then you just wasted a lot of time, =P
Besides knowing that they have enough resources to run a v3.0 scan blocker at the minimum... along with whatever the highest FW bypass and PW breaker you can use...
« Last Edit: December 18, 2008, 09:44:59 AM by Xirad » Logged

Hmm....
termul
Full Member
***
Posts: 108


View Profile
« Reply #2 on: December 18, 2008, 03:56:26 AM »

Unless a higher scan blocker is running on the target, the scan result will always give you details about all the hardware and the highest version file on the harddisk.
Can be very usefull ....
Logged
jager
Sr. Member
****
Posts: 284



View Profile WWW Email
« Reply #3 on: December 18, 2008, 04:05:12 AM »

Unless a higher scan blocker is running on the target, the scan result will always give you details about all the hardware and the highest version file on the harddisk.
Can be very usefull ....

True, but that is the same if you run a 0.1 version of nmap or 3.0 version.

Like Xirad said - but that does not justify the lack of difference of the report or the difference in execution time!

And about enough resources - you get that with simple 0.1 scan. Unless he is running Scan blocker.

My advice to Sir Emi: execution time should be the same unless the target IS running scan blocker.

lpJ.
Logged
Araeus
Sr. Member
****
Posts: 447



View Profile Email
« Reply #4 on: December 18, 2008, 11:30:27 AM »

These are reasons why the Nmap scanner has always been pretty useless.

At the version it takes to beat firewalls it takes too long to be worth it...
Logged

MaTeMaTiC
Newbie
*
Posts: 8


View Profile Email
« Reply #5 on: February 18, 2009, 11:22:06 AM »

One more question:

Does Nmap scaner show the highest version file even if it is hidden? Or it depends on the difference between scaner version and hider version?
Logged
jager
Sr. Member
****
Posts: 284



View Profile WWW Email
« Reply #6 on: February 18, 2009, 11:31:42 AM »

As far as I know it display the version even if it is hidden.
Only way to prevent this is to run higher IP blocker.

However confirmation would be nice 1
Logged
termul
Full Member
***
Posts: 108


View Profile
« Reply #7 on: February 18, 2009, 12:45:35 PM »

I suggest running a scan blocker instead of an IP cloaker  19
Logged
jager
Sr. Member
****
Posts: 284



View Profile WWW Email
« Reply #8 on: February 18, 2009, 02:52:28 PM »

My mistake! Scan blocker is the right one!

IP blocker helps against Sniffers 1

It shows that i'm not using either. So once again - Scan blocker is protection against NMap scanner!
Logged
Pages: [1]
Print
Jump to: