FAQ missing port

From SecWiki
Jump to: navigation, search

I know this port is open, so why doesn't Nmap show it as open?

If Nmap is failing to show a port open that you know is open, the most likely cause is that Nmap did not try to scan that port. By default, Nmap scans the most common 1,000 ports for each protocol. If your port is not in that list, it won't be scanned. The port frequency information is stored in the nmap-services file distributed with Nmap, and you can see the list of ports by running nmap -v -oG - -sSU (substituting the scan type or other arguments you are interested in, but leaving out a target).

Another possible cause is that you are scanning for the wrong protocol. Be sure to use `-sU` to scan UDP; by default, Nmap scans for TCP ports only.

Be sure that the service is listening on the address you are scanning and not on localhost. If the output of netstat -an shows the port as or ::1:80 (examples for port 80), then it is inaccessible from the network, and can only be contacted on the loopback adapter.

Lastly, add --reason to your command or check the XML output (-oX) for information about why the port is reported in the state it is. If the port is filtered or the TTL for the reason response is different than that of other ports, then a firewall is probably blocking access.