Here's a very simple scan that shows a fundamental problem: # nmap -Pn -sS -p22,80 scanme.nmap.org
Starting Nmap 6.46 ( http://nmap.org ) at 2014-06-02 15:41 PDT Nmap scan report for scanme.nmap.org (74.207.244.221) Host is up (0.035s latency). PORT STATE SERVICE 22/tcp open ssh 80/tcp filtered http Nmap done: 1 IP address (1 host up) scanned in 2.39 seconds That answer is wrong, both ports are open and responded to the syn packets. The above was run on a May 28th AMD snapshot, but I get the same results on i386 from an older April 3rd snapshot. PF was disabled. Anyone else seeing this? Thanks, Kent.
