I have tried with a single host that I know is active (192.168.99.2), just to see if I might have been overlooking it, but no results. As an example: nmap -sF 192.168.99.1-25 generates ample packets in Wireshark. I am just scanning targets on my local subnet. I am running Wireshark on the "attacking" machine. According to the nmap documentation, the -sn option "consists of an ICMP echo request, TCP SYN to port 443, TCP ACK to port 80, and an ICMP timestamp request by default." Based upon this description, I would have thought a -sn nmap scan would have been captured by Wireshark as well. However, this does not occur when I run a host discovery/ping scan (-sn). With a "typical" port scan (default with no options, -sN, and -sF), Wireshark captures the packets, and I can analyze them. I am attempting to gain a better understanding of packet analysis using nmap and Wireshark.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |