but if that was the case, for some reason 192.168.1.1 would have not responded to your ARP request, which I find unusual. If you were in the same network ( 192.168.1.0), then ARP would have been used instead (see ). On the other hand, 192.168.1.4 responded either to the ACK or the ICMP echo. This could mean that it has a firewall in place. Your second scan sent an ACK to port 80 and an ICMP echo, and 192.168.1.1 ignored it. Note that you can configure this type of scan when running Nmap as a super user (so even when you are a super user you can use instead of or ) and you will have obtained exactly the same result.
But you got what you wanted: seeing they were alive. This used to be a very noisy scan, because applications will log the fact that you have accessed them. In your first scan, both computers ( 192.168.1.1 and 192.168.1.4) accepted the TCP connection. If you understand how Nmap is working (, and ) then you can see why you are getting different results. Instead, Nmap will send a TCP SYN packet to port 80, by using connect as your normal user applications will do. Lastly, the default behaviour of uses RAW packets for the ICMP echo and the TCP ACK, so when you use an unprivileged user then Nmap cannot use this technique. If you use Wireshark you can see the ARP packet exchanges. If you are in the same network (and you are a super user), which in your case means the computer running Nmap has an IP like 192.168.1.X, an ARP request will be used instead. NOTE: Newer Nmap versions (I believe yours included) also send a TCP SYN packet to port 443 and an ICMP timestamp request. You are doing only a ping scan, which by default will do the following: You only ran the basic command with all the default options, and there is much more to explore. Then, it is your brain who should interpret them and come to conclusions. Imagine it as a mapping tool that will give you X results with some options and Z results with some others. Herein, the beauty of Nmap is its flexibility, that allows you to conduct many different scans to find what you need.
There exist different techniques because different devices in the network behave differently (routers, firewalls, different OS.), and also you might want to be more or less "invisible". Using Nmap is not like using a magic option combination that will give you straight away a definitive result. You are getting different results as expected, because you are doing different scans, even if you don't know that. Nmap done: 1 IP address (1 host up) scanned in 16.78 secondsįirst of all, I don't think Nmap is showing "wrong" results to you.
ZENMAP SUBNET SCAN MAC
MAC Address: B0:47:BF:AC:A6:C4 (Samsung Electronics) Nmap done: 255 IP addresses (1 host up) scanned in 26.98 ~ % sudo nmap -sn 192.168.1.3 The third scan I made was specific for a particular IP address(which was up during first 2 scans as well but was not reported by it). The second scan was made to see if it makes any difference if I had super user privilege. The first scan I made was not with super user privilege. Nmap keeps showing different and wrong results whenever I perform a scan to see how many hosts are up on my subnet.
0 kommentar(er)
