New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nmap missing pingable, arpingable LAN host unless UFW has been disabled on the remote host #2831
Comments
Looking at the logs on the host eluding discovery (192.168.0.106), I see some of the following UFW block logs:
After reading https://superuser.com/questions/739481/what-might-these-connection-attemps-mean, my guess would be that these Is there anything I can do from the Again, I can consistently |
Describe the bug
nmap fails to discover a LAN host that is both pingable and
apingable
. But Disabling UFW on the LAN host makes it discoverable by nmap.To Reproduce
sudo nmap 192.168.0.0/24
Expected behavior
Host 192.168.0.106 should show as UP
Version info (please complete the following information):
nmap --version
:nmap --iflist
Here's a verbose log after attempting to scan only the given host:
Additional context
This behavior is flaky and sometimes nmap does discover the host.
As mentioned earlier, completely disabling
ufw
on the host192.168.0.106
changes the result and makes the host consistently discoverable by nmap.I'm not very familiar with the details but my understanding is that running as root allows
nmap
to send arpings which cannot be blocked by firewalls likeufw
according to some sources.The text was updated successfully, but these errors were encountered: