Monday, September 30, 2013

NMAP Protocol scan results

I am no sure about you guys but studying the NMAP Protocols scan results some times is very confusing.

This is the list of the normal respond recognize for NMAP:

Code 0 - Network Unreachable
Code 1 - Host Unreachable
Code 2 - Protocol Unreachable
Code 3 - Port Unreachable
Code 13 - Communication Administratively Prohibited

Let me give you some examples:

Code 0 - Network Unreachable

 nmap 192.168.14.1


Did you notice Type 13 Code: 0 , I could not reach the network 192.168.14.0 because there is not any route in my firewall to that network and it is not routed through internet.

Code 2 - Protocol Unreachable

In this occasion I will try to scan to a host that doesn't reply to ICMP in internet and we will get two different response, very interesting:

nmap 97.74.215.229


Did you notice Code 2 (Protocol unreachable)

Now at the same time we get this Type 3 Code 13 (Communication Administratively filtered)


Keep testing, nmap and Wireshark and applying filters using ICMP and you will get the types and codes, after you keep testing this will become familiar with you and you will begin to go deep with protocols, and remember the packet never lies.


No comments:

Post a Comment