I have deployed Nmap, but I only have Run Nmap scan (large subnet) available. So I scanned with this and the wizard, but I got only 2 machines of 5 (the scan was run in the subnet where the client was deployed). Are there any limits for the trial? Can this work if the OS has a firewall enabled?
Firewalls are designed partially to defeat scanners and the NMAP scanner (although a very nice scanner with many features) will not be able to detect a system with a properly functioning firewall.
You might be able to play around with the NMAP options to detect certain systems that have certain firewall configurations, but in general firewalls will be able to defeat your scans.
When I used the scanner in the past I had our Admins apply a GPO to open the required ports in the firewall and then later close them again. This seemed to work fairly well except for the few PCs that had additional firewalls via their AV clients.
The “Run NMAP Scan - Large Subnet” indicates that the computer is in a subnet larger than a typical Class C subnet with 255 IPs. The reason this distinction is made is that it can take a long time to scan really big subnets, so you need to be aware of it (which is why we use separate Fixlets).