I need an #nmap wizard. Can someone explain? This doesn't make any sense.

% sudo nmap -n -Pn -p80 192.168.183.32
Starting Nmap 7.94 ( https://nmap.org ) at 2024-11-28 11:29 CET
Nmap done: 1 IP address (0 hosts up) scanned in 1.46 seconds

% sudo nc 192.168.183.32 80
GET / HTTP/1.0

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache

@floyd Weird handling of half-open connections? Have you tried with -sT?

@buherator that says open... I'm going to read up then

@buherator weird, -sS doesn't send out a SYN according to wireshark, where as -sT works fine and I see the packets. I guess weird MacOS interface stuff, need to look into that

@floyd Maybe sudo doesn't really grant you full rights to send raw packets?

@buherator @floyd Just lost a few hours yesterday for the same-ish reason, genuinely thought scapy was broken 😞

@swapgs @floyd You mean sudo vs. raw sockets?

@buherator @floyd Yep!

@swapgs @buherator btw. it wasn't the raw socket permission issue, because I didn't change anything in that regards (only restarted, unplugged/plugged interfaces, etc.) and now it works again. I guess it was really some routing or such, but I absolutely need to figure this out somehow at one point. Wireshark was empty for the correct interface. And in the end this is buggy, nmap should at least show an error. Also combination of "-Pn" and "0 hosts up" doesn't add up, does it?

@floyd @swapgs yeah, I did a quick test and ports should even come back as filtered and >0 hosts up with -Pn.