Why does NMAP report “Host seems down” despite host responding to ping?
 

I am trying to test a new CentOS 6 server on my tiny LAN. From another Linux (Ubuntu 10.04) host I type:

This is despite the fact that if I ping it manually, there isn't any problem:

Why is this happening? How to fix this?

Did you try using -PN?

Thanks for this tip. I just tried it and NMAP responds that all "All 1000 scanned ports on 192.168.1.3 are filtered"
I understand that this has to do with the firewall on the remote (scanned) host, but the main reason I am trying to use NMAP is to see which ports on the remote host are open and whether it is at all ping-able.

Well, I can ping it using 'ping' but not using NMAP. I find this very confusing.

Furthermore, the iptables firewall on the remote host has SSH checked as a Trusted Service ("accessible from all hosts and networks"). Why didn't NMAP detect this?

UPDATE: It turns out that when I last scanned the CentOS 6 remote host, it was in sleep mode. When I woke it up and tried NMAP again, I received:

So, at least I see some consistency between the firewall setting and what NMAP reports.

I am still confused by NMAP not reporting a perfectly ping-able host. If I were to rely on NMAP for verifying that my host is 100% stealthed, it would have mislead me.

What am I missing about the correct usage of NMAP?

that tells you the port 22 is closed and not open. it all depends on how the firewall is configured on the other end. you can also use nmap -P0 to get past the "ping issue"

for just testing a specific port nmap -p<port number here> IP will be much faster then just nmap -PN or -PO

In my experience, and I am not a nmap guru by any means.
Filtered ports mean the firewall is rejecting packets

Closed ports, mean the firewall is dropping packets.

It's actually the opposite. :)