Cant nmap from but can nmap to

procfs · 07-27-2006, 05:36 AM

Hi

I have a machine redhat es3 with updat 7, tried to nmap from this machine A to machine B and it gives a error

"host is down or it is blocking the ping messages ....."

Lets say

A 192.168.11.11
B 192.168.11.76

From A

I can ping any machine

I can nmap localhost and nmap 192.168.11.11

But from A I cant nmap to any host

From B

I can ping any machine

I can nmap 192.168.11.11 or nmap 192.168.11.76 any host and its works

Why is this happening

Thanks

Regards

Asanka

Matir · 07-27-2006, 10:36 AM

Does machine A perhaps have iptables rules blocking certain types of outbound traffic?

procfs · 07-30-2006, 10:46 PM

Hi Matir

No there are no Itables running,

I just change the NIC card it seems to work. Can this happen like for some type of packets to pass (ping, nfs share etc) and like nmap to be blocked by a defective NIC

Thank you
Regards

Asanka

timmeke · 07-31-2006, 06:31 AM

As described on the nmap man page, ping scans (icmp echo request messages) are used.
If A's NIC doesn't work properly or if the pings are blocked, then nmap won't work.

ckin2001 · 07-31-2006, 01:33 PM

nmap by default will not scan any host that does not respond to a ping request. In order to get around this restriction - use the option -P0 when invoking nmap, i.e.

nmap -P0 -O remotehost

procfs · 07-31-2006, 09:45 PM

Thats the thing I can ping from A to B and B to A and I tried nmap -P0 -O hostname but it still th esame.

I can nmap to A from B and to A localhost but not from B to A

timmeke · 08-01-2006, 02:08 AM

You do know that A's localhost interface isn't in any way reachable from B, right?
If A's services are listening on the localhost interface, then B can't use them.