14 replies to this topic

[Spyril]

Is there any way to scan my own computer on Nmap?

[g3x]

http://insecure.org/nmap/download.html

Download

Its not a program just allows nmap commands

so do nmap 192.168.1.1 (or w.e it is)

Revised:

nmap -sS -P0 192.168.1.1

[jabzor]

nmap -sS -P0 192.168.1.1

Windows won't allow you to syn your localhost, you'll have to full syn-ack or syn-scan from another machine/adapter.

Skipping SYN Stealth Scan against 192.168.1.1 because Windows does not support scanning your own machine (localhost) this way.

[g3x]

Well look at the screenshot works for me

Attached Files

•  nmap.JPG   27.9K   19 downloads

[n0x]

Theres another thread, just down the forum where this has been discussed!

[prick]

http://insecure.org/nmap/download.html
...
Its not a program just allows nmap commands

No it really is a program.

Well look at the screenshot works for me

I'm hedging a bet that 192.168.1.1 is your gateway's ip address and not the computer you were using to scan with, so != localhost.

[FPSED]

Most of the time 192.168.0.1/192.168.1.1 is the default gateway for local networks (Do a check with 'arp -a'). Im guessing the scan you did
on 192.168.1.1 came back with results of port 80 been open, along with possibly the AOL port, port 8080 if its set up for remote management,
and any other port forwarding services you might have going.

If you try nmap -sS -P0 127.0.0.1 , you'll get the result "Skipping SYN Stealth Scan against localhost (127.0.0.1) because Windows does not
support scanning your own machine (localhost) this way."

Best thing to do is to either scan using another machine on the network, or scan from the WAN using someone else's network WITH their permission .

[g3x]

scan my own computer on Nmap?

If you read his post he is trying to scan his own ports. This is not a program in the literal sense but just allows you to use nmap commands


Edit: It also showed me ports 20,21,23, and 80 and my mac address

Edited by g3x, 29 August 2007 - 09:36 AM.

[FPSED]

This is not a program in the literal sense but just allows you to use nmap commands

How do you mean? Do you mean to say that nmap is not a program? or that
nmap is some sort of protocol?

Edit: It also showed me ports 20,21,23, and 80 and my mac address

Port 21 and 23? If your using FTP and telnet, make sure that you have
some sort of logging facility on your gateway. Preferably set up firewall
rules for hours in the day they can be accessed to be safe, its not like your
going to want to telnet into your own network at 3-4am.

[g3x]

I have telnet closed it just tells me if those ports are opened or closed

sort of protocol

Yes

[FPSED]

I can understand why you might think Nmaps a protocol, but trust me, its not. To put it simply,
Nmaps a program that probes ports to see if there open or not. The different ports support different
protocols by default, so I can see where you may have been mixed up. Nmap isnt used
as a service to see if ports are open or not, so cannot be called a protocol.

Edited by FPSED, 29 August 2007 - 11:51 AM.

[g3x]

I have it installed for windows. You run cmd and then type the nmap command and works. I can see where you are coming from but its more of a protocol eh?

[Spyril]

A protocol?

http://en.wikipedia.org/wiki/Nmap

"Nmap is a free security scanner written by Gordon Lyon. It is used to evaluate the security of computers, and to discover services or servers on a computer network."

Scanning your external IP address from a non-routable network with NAT often does not work. "Your" IP address will probably be a 192.168.0.0/24 address, but "your" IP address when viewed from the outside will be different.

Read about NAT.

Scanning yourself from the same computer isn't very useful anyway. Which ports are "open" depends on not only programs bound to the port and listening for connections, but also software firewalls and any network hardware between you and whoever is scanning you. If you wish to scan yourself, have someone else run an nmap scan on your external IP address. If you're using NAT, it'll probably come up with nothing at all if you have no ports forwarded.

To simply see which ports have programs listening on them, you can use the netstat command.

So you need to clarify your question. Is your question "How do I see which ports are reachable from the Internet" or "How do I see which ports have programs listening on them?"

Ports reachable from the Internet

[FPSED]

You run cmd and then type the nmap command and works. I can see where you are coming from but its more of a protocol eh?

And I can start up AVG from the command prompt too, but that doesnt make AVG a protocol..

http://en.wikipedia....plication_layer

Scroll down. Theres a huge list of different protocols. SMTP, Telnet, SMB, POP3, DNS, Finger etc.
Nmap's simply a helpful tool.

[g3x]

Sorry I didn't understand what you meant but ya your right