Nmap scan showing ports as Filtered

When running an Nmap scan all ports are showing as Filtered. This happens to each machine even the Starting Point machine. It is showing ports that I know should be open as Filtered on the machines, and can't start on a new machine as a result :(.

When i run nmap 10.10.10.27 (Starting Point machine) I get the message that the Host seems down but if it is up to use -Pn. When i add -Pn to the scan it says that all 1000 ports are filtered - and I know this should not be the case.

My settings are:
Kali Linux - Bridged Adapter (tried with NAT Network also).
I disabled the Firewall with ufw disable and the status is now inactive.
I even tried changing the Connection Pack from UDP to TCP which I saw somewhere but no luck.

Anyone have any idea?

Comments

  • What happens when you run tracert/traceroute or ping?

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • edited September 25

    Ping says the Destination Host is unreachable for 10.10.10.27 with two hops in traceroutre.

    Ping is working with 30 hops for 10.10.10.198 (easiest windows machine Buff).
    Perhaps 10.10.10.27 is just having issues as I am now seeing that port 8080 is open for 10.10.10.198 (8080 and 7680 with -p- scan). However it is saying that the other 999 ports are filtered which is making me unsure still. I get two ports open for 10.10.10.191 with 998 filtered.

    Perhaps you could check and see if you are seeing the same?

  • You may have resolved this now, if so this is commentary for people with the problem in the future:

    @luke116 said:

    Ping says the Destination Host is unreachable for 10.10.10.27 with two hops in traceroutre.

    What are the two hops in traceroute - this will probably say where the problem, if there is one, exists.

    Ping is working with 30 hops for 10.10.10.198 (easiest windows machine Buff).

    30 hops is not normal, it is the MAX traceroute takes as normal. 15 would make me think something is broken. I assume you meant traceroute here though.

    If I run ping against Buff, i get this:

    ping 10.10.10.198 -c 4
    PING 10.10.10.198 (10.10.10.198) 56(84) bytes of data.
    64 bytes from 10.10.10.198: icmp_seq=1 ttl=127 time=71.1 ms
    64 bytes from 10.10.10.198: icmp_seq=2 ttl=127 time=95.2 ms
    64 bytes from 10.10.10.198: icmp_seq=3 ttl=127 time=114 ms
    64 bytes from 10.10.10.198: icmp_seq=4 ttl=127 time=14.6 ms
    

    Traceroute isn't perfect because some devices wont respect ICMP echo requests. But it is still useful to try and identify any issues.

    Perhaps 10.10.10.27 is just having issues

    If this is the only machine with problems, then it probably is the machine. If it is every machine, then it probably isn't the machines.

    as I am now seeing that port 8080 is open for 10.10.10.198 (8080 and 7680 with -p- scan).

    How many ports should be open? I think only two should be open so you've got everything I am aware of.

    However it is saying that the other 999 ports are filtered which is making me unsure still. I get two ports open for 10.10.10.191 with 998 filtered.

    That is the correct result.

    Perhaps you could check and see if you are seeing the same?

    It would only be relevant if I was on the same connection as you. As I'd probably use a different tunnel and would spin up different machines, my results cant help you.

    I can tell you from the shoutbox, however, that people are getting flags from Buff and Blunder. So chances are high that any problems are either the specific instances you are looking at, or your network connection to them.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

Sign In to comment.