How Do You Handle a Discrepancy between NMAP Results?

Problem scenario
From two different servers the nmap results show different ports are open. What is the likely cause of this problem?

Possible Solution #1
Is there a firewall between the two servers? Some firewalls block incoming or outgoing connections exclusively. An OS level firewall or other intermediate firewall could easily produce discrepant nmap results based on the servers running the nmap command.

Possible Solution #2
Human error could be the problem. There are numerous ways for this to happen. Is the font size too small? The IP address you are testing is not what you think it is. Look at it carefully because human error can be a factor. Private IP addresses in private networks may be duplicated and pertain to entirely different servers. You may be on different servers with the same private IP address through two different terminals. The IP address may belong to a different server from the one you think you are testing. Use ip addr show | grep x.x.x.x where x.x.x.x is the IP address that you are testing. Try also copying and pasting it between the terminals.

Possible Solution #3
You could be using sudo with one command, and not using sudo with another. If this might be your situation, please see this posting.

Leave a comment

Your email address will not be published. Required fields are marked *