I am attempting to identify a mobile device on a LAN using Nmap, more specifically an Android smartphone. Both my laptop and the target (Android smartphone) are connected to the same access point. I can ping the device etc. When I run a standard Nmap scan against the smartphone it says all 1000 ports are closed, which is odd considering I am browsing the web on the phone while the scan is running. With no ports being open, device discovery is very difficult.
Is anyone aware of an efficient way to identify a smartphone on a network? Or can anyone explain this kind of behaviour from the mobile device?
Thanks in advance
closed. A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it. They can be helpful in showing that a host is up on an IP address (host discovery, or ping scanning), and as part of OS detection.
Closed ports have no application listening on them, though they could open up at any time. Ports are classified as unfiltered when they are responsive to Nmap's probes, but Nmap cannot determine whether they are open or closed.
Nmap works on both rooted and non-rooted phones.
In order to block port scans, you need to enable filters 7000 to 7004 and 7016. Please ensure that you read the filter descriptions as some of them have warnings attached. The following filters detect and/or block port scans and host sweeps.
In my experience with nmap, I had to limit the packet send rate to discover some devices. You can do so with the option:
--max-rate <number>: Send packets no faster than <number> per second
For example:
nmap --max-rate 100 192.168.0.2
Using that speed, nmap finds my smartphone even though its 1000 ports are closed. If I set it to 500 packets per second, it doesn't find it.
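The closed-port behaviour quoted in the answers above, as an added example that is not part of the original thread: a TCP connect probe that separates open, closed and filtered ports and treats a closed port as proof that the host is up. The function names and the loopback sockets are constructed for this illustration.

```python
import socket

def probe_port(host, port, timeout=1.0):
    """Classify one TCP port from the result of a full connect().

    open     -> handshake completed: an application is listening
    closed   -> connection refused (an RST came back): nothing is
                listening, but the host is up and answered the probe
    filtered -> timeout or unreachable: packet filter, or host down
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"
        except ConnectionRefusedError:
            return "closed"
        except OSError:  # includes timeouts and ICMP unreachable errors
            return "filtered"

def scan(host, ports, timeout=1.0):
    """Probe each port and return {port: state}."""
    return {p: probe_port(host, p, timeout) for p in ports}

def host_is_up(states):
    """An open or a closed port both prove the host answered."""
    return any(state in ("open", "closed") for state in states.values())

def demo_sockets():
    """Constructed loopback targets: one listening port, one closed port.

    The second socket is bound but never listens, so the OS refuses
    connections to it while the port number stays reserved.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    holder = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    holder.bind(("127.0.0.1", 0))
    return listener, holder

if __name__ == "__main__":
    listener, holder = demo_sockets()
    ports = [listener.getsockname()[1], holder.getsockname()[1]]
    states = scan("127.0.0.1", ports)
    print(states, "host up:", host_is_up(states))
    listener.close()
    holder.close()
```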