why `nmap 192.168.1.97` returns less services than `nmap 127.0.0.1`?2019 Community Moderator ElectionDifference between `nmap local-IP-address` and `nmap localhost`Doing nmap on a networkCan you send a TCP packet with RST flag set using IPTABLES as a way to trick NMAP into thinking a port is closed?How to tell stateful vs stateless firewall with nmap ACK scanWhy nmap closed my connection?telnet to an host/port works while no service on this host listening on this portnmap raw packet privileges not working (“operation not permitted”, even as root)Why REJECT slows nmap?specifying more than one character on nmap --ip-optionsExhaustive list of REASONs why a host/server might be down (nmap --reason)What are those “unknown” services listed by nmap?
Start making guitar arrangements
Melting point of aspirin, contradicting sources
Why Shazam when there is already Superman?
Not using 's' for he/she/it
Travelling outside the UK without a passport
How should I respond when I lied about my education and the company finds out through background check?
Should I stop contributing to retirement accounts?
How to bake one texture for one mesh with multiple textures blender 2.8
The IT department bottlenecks progress. How should I handle this?
Which one is correct as adjective “protruding” or “protruded”?
Why does the Sun have different day lengths, but not the gas giants?
Are the IPv6 address space and IPv4 address space completely disjoint?
Has any country ever had 2 former presidents in jail simultaneously?
Create all possible words using a set or letters
How do I color the graph in datavisualization?
Biological Blimps: Propulsion
Lowest total scrabble score
Creepy dinosaur pc game identification
why `nmap 192.168.1.97` returns less services than `nmap 127.0.0.1`?
What is the evidence for the "tyranny of the majority problem" in a direct democracy context?
What was the exact wording from Ivanhoe of this advice on how to free yourself from slavery?
C++ debug/print custom type with GDB : the case of nlohmann json library
GraphicsGrid with a Label for each Column and Row
Is it safe to use olive oil to clean the ear wax?
why `nmap 192.168.1.97` returns less services than `nmap 127.0.0.1`?
2019 Community Moderator ElectionDifference between `nmap local-IP-address` and `nmap localhost`Doing nmap on a networkCan you send a TCP packet with RST flag set using IPTABLES as a way to trick NMAP into thinking a port is closed?How to tell stateful vs stateless firewall with nmap ACK scanWhy nmap closed my connection?telnet to an host/port works while no service on this host listening on this portnmap raw packet privileges not working (“operation not permitted”, even as root)Why REJECT slows nmap?specifying more than one character on nmap --ip-optionsExhaustive list of REASONs why a host/server might be down (nmap --reason)What are those “unknown” services listed by nmap?
According to https://networkengineering.stackexchange.com/a/57909/, a packet sent to 192.168.1.97 "doesn't leave the host but is treated like a packet received from the network, addressed to 192.168.1.97." So same as sending a packet to loop back 127.0.0.1.
why does nmap 127.0.0.1
return more services than nmap 192.168.1.97
?
Does nmap 127.0.0.1
necessarily also return those services returned by nmap 192.168.1.97
? Does a server listening at 192.168.1.97
necessarily also listen at 127.0.0.1
?
$ nmap -p0-65535 10.44.104.250
Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-23 19:18 EDT
Nmap scan report for ocean (10.44.104.250)
Host is up (0.00039s latency).
Not shown: 65532 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
3306/tcp open mysql
33060/tcp open mysqlx
Nmap done: 1 IP address (1 host up) scanned in 9.55 seconds
$ nmap -p0-65535 localhost
Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-23 19:18 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00033s latency).
Other addresses for localhost (not scanned):
Not shown: 65529 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
631/tcp open ipp
3306/tcp open mysql
5432/tcp open postgresql
9050/tcp open tor-socks
33060/tcp open mysqlx
Nmap done: 1 IP address (1 host up) scanned in 5.39 seconds
Thanks.
nmap ip-address loopback
add a comment |
According to https://networkengineering.stackexchange.com/a/57909/, a packet sent to 192.168.1.97 "doesn't leave the host but is treated like a packet received from the network, addressed to 192.168.1.97." So same as sending a packet to loop back 127.0.0.1.
why does nmap 127.0.0.1
return more services than nmap 192.168.1.97
?
Does nmap 127.0.0.1
necessarily also return those services returned by nmap 192.168.1.97
? Does a server listening at 192.168.1.97
necessarily also listen at 127.0.0.1
?
$ nmap -p0-65535 10.44.104.250
Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-23 19:18 EDT
Nmap scan report for ocean (10.44.104.250)
Host is up (0.00039s latency).
Not shown: 65532 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
3306/tcp open mysql
33060/tcp open mysqlx
Nmap done: 1 IP address (1 host up) scanned in 9.55 seconds
$ nmap -p0-65535 localhost
Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-23 19:18 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00033s latency).
Other addresses for localhost (not scanned):
Not shown: 65529 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
631/tcp open ipp
3306/tcp open mysql
5432/tcp open postgresql
9050/tcp open tor-socks
33060/tcp open mysqlx
Nmap done: 1 IP address (1 host up) scanned in 5.39 seconds
Thanks.
nmap ip-address loopback
Because not all services are listening on the external interface?
– Kusalananda
3 hours ago
3
Possible duplicate of Difference between `nmap local-IP-address` and `nmap localhost`
– Jeff Schaller
3 hours ago
Seems to me that Rui's Answer there applies here.
– Jeff Schaller
3 hours ago
@Kusalananda In particular, does nmap 127.0.0.1 necessarily also return those services returned by nmap 192.168.1.97? Does a server listening at192.168.1.97
necessarily also listen at127.0.0.1
?
– Tim
3 hours ago
They're different addresses, why would a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
– 炸鱼薯条德里克
1 hour ago
add a comment |
According to https://networkengineering.stackexchange.com/a/57909/, a packet sent to 192.168.1.97 "doesn't leave the host but is treated like a packet received from the network, addressed to 192.168.1.97." So same as sending a packet to loop back 127.0.0.1.
why does nmap 127.0.0.1
return more services than nmap 192.168.1.97
?
Does nmap 127.0.0.1
necessarily also return those services returned by nmap 192.168.1.97
? Does a server listening at 192.168.1.97
necessarily also listen at 127.0.0.1
?
$ nmap -p0-65535 10.44.104.250
Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-23 19:18 EDT
Nmap scan report for ocean (10.44.104.250)
Host is up (0.00039s latency).
Not shown: 65532 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
3306/tcp open mysql
33060/tcp open mysqlx
Nmap done: 1 IP address (1 host up) scanned in 9.55 seconds
$ nmap -p0-65535 localhost
Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-23 19:18 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00033s latency).
Other addresses for localhost (not scanned):
Not shown: 65529 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
631/tcp open ipp
3306/tcp open mysql
5432/tcp open postgresql
9050/tcp open tor-socks
33060/tcp open mysqlx
Nmap done: 1 IP address (1 host up) scanned in 5.39 seconds
Thanks.
nmap ip-address loopback
According to https://networkengineering.stackexchange.com/a/57909/, a packet sent to 192.168.1.97 "doesn't leave the host but is treated like a packet received from the network, addressed to 192.168.1.97." So same as sending a packet to loop back 127.0.0.1.
why does nmap 127.0.0.1
return more services than nmap 192.168.1.97
?
Does nmap 127.0.0.1
necessarily also return those services returned by nmap 192.168.1.97
? Does a server listening at 192.168.1.97
necessarily also listen at 127.0.0.1
?
$ nmap -p0-65535 10.44.104.250
Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-23 19:18 EDT
Nmap scan report for ocean (10.44.104.250)
Host is up (0.00039s latency).
Not shown: 65532 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
3306/tcp open mysql
33060/tcp open mysqlx
Nmap done: 1 IP address (1 host up) scanned in 9.55 seconds
$ nmap -p0-65535 localhost
Starting Nmap 7.60 ( https://nmap.org ) at 2019-03-23 19:18 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00033s latency).
Other addresses for localhost (not scanned):
Not shown: 65529 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
631/tcp open ipp
3306/tcp open mysql
5432/tcp open postgresql
9050/tcp open tor-socks
33060/tcp open mysqlx
Nmap done: 1 IP address (1 host up) scanned in 5.39 seconds
Thanks.
nmap ip-address loopback
nmap ip-address loopback
edited 3 hours ago
Tim
asked 3 hours ago
TimTim
28k78269488
28k78269488
Because not all services are listening on the external interface?
– Kusalananda
3 hours ago
3
Possible duplicate of Difference between `nmap local-IP-address` and `nmap localhost`
– Jeff Schaller
3 hours ago
Seems to me that Rui's Answer there applies here.
– Jeff Schaller
3 hours ago
@Kusalananda In particular, does nmap 127.0.0.1 necessarily also return those services returned by nmap 192.168.1.97? Does a server listening at192.168.1.97
necessarily also listen at127.0.0.1
?
– Tim
3 hours ago
They're different addresses, why would a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
– 炸鱼薯条德里克
1 hour ago
add a comment |
Because not all services are listening on the external interface?
– Kusalananda
3 hours ago
3
Possible duplicate of Difference between `nmap local-IP-address` and `nmap localhost`
– Jeff Schaller
3 hours ago
Seems to me that Rui's Answer there applies here.
– Jeff Schaller
3 hours ago
@Kusalananda In particular, does nmap 127.0.0.1 necessarily also return those services returned by nmap 192.168.1.97? Does a server listening at192.168.1.97
necessarily also listen at127.0.0.1
?
– Tim
3 hours ago
They're different addresses, why would a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
– 炸鱼薯条德里克
1 hour ago
Because not all services are listening on the external interface?
– Kusalananda
3 hours ago
Because not all services are listening on the external interface?
– Kusalananda
3 hours ago
3
3
Possible duplicate of Difference between `nmap local-IP-address` and `nmap localhost`
– Jeff Schaller
3 hours ago
Possible duplicate of Difference between `nmap local-IP-address` and `nmap localhost`
– Jeff Schaller
3 hours ago
Seems to me that Rui's Answer there applies here.
– Jeff Schaller
3 hours ago
Seems to me that Rui's Answer there applies here.
– Jeff Schaller
3 hours ago
@Kusalananda In particular, does nmap 127.0.0.1 necessarily also return those services returned by nmap 192.168.1.97? Does a server listening at
192.168.1.97
necessarily also listen at 127.0.0.1
?– Tim
3 hours ago
@Kusalananda In particular, does nmap 127.0.0.1 necessarily also return those services returned by nmap 192.168.1.97? Does a server listening at
192.168.1.97
necessarily also listen at 127.0.0.1
?– Tim
3 hours ago
They're different addresses, why would a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
– 炸鱼薯条德里克
1 hour ago
They're different addresses, why would a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
– 炸鱼薯条德里克
1 hour ago
add a comment |
3 Answers
3
active
oldest
votes
No, a service listening to a port on an external interface does not necessarily also listen on that port on localhost
.
You can test this with something like
nc -l external-ip-address port-number
Then run nmap
against localhost
, then against the external IP address.
add a comment |
In short, they are two different interfaces (192.168.1.97 vs 127.0.0.1), and may have different firewall rules applied and/or services listening. Being on the same machine means relatively little.
add a comment |
why does nmap 127.0.0.1 return more services than nmap 192.168.1.97?
Because to improve security many services are configured by default to only listen on 127.0.0.1 (and/or the IPv6 equivilent ::1)
Does a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
No
Generally a service can create a listening socket to listen on.
- A specific IP, such a listening socket will only accept traffic destined for that specific IP.
- 0.0.0.0 , this will accept traffic to all IPv4 IPs assigned to the machine.
- :: this will accept traffic to all IPv6 IPs assigned to the machine. It may or may not accept traffic destined to IPv4 IPs on the machine depending on the particular OS, system wide configuration and socket-specific options.
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f508229%2fwhy-nmap-192-168-1-97-returns-less-services-than-nmap-127-0-0-1%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
No, a service listening to a port on an external interface does not necessarily also listen on that port on localhost
.
You can test this with something like
nc -l external-ip-address port-number
Then run nmap
against localhost
, then against the external IP address.
add a comment |
No, a service listening to a port on an external interface does not necessarily also listen on that port on localhost
.
You can test this with something like
nc -l external-ip-address port-number
Then run nmap
against localhost
, then against the external IP address.
add a comment |
No, a service listening to a port on an external interface does not necessarily also listen on that port on localhost
.
You can test this with something like
nc -l external-ip-address port-number
Then run nmap
against localhost
, then against the external IP address.
No, a service listening to a port on an external interface does not necessarily also listen on that port on localhost
.
You can test this with something like
nc -l external-ip-address port-number
Then run nmap
against localhost
, then against the external IP address.
answered 3 hours ago
KusalanandaKusalananda
137k17258426
137k17258426
add a comment |
add a comment |
In short, they are two different interfaces (192.168.1.97 vs 127.0.0.1), and may have different firewall rules applied and/or services listening. Being on the same machine means relatively little.
add a comment |
In short, they are two different interfaces (192.168.1.97 vs 127.0.0.1), and may have different firewall rules applied and/or services listening. Being on the same machine means relatively little.
add a comment |
In short, they are two different interfaces (192.168.1.97 vs 127.0.0.1), and may have different firewall rules applied and/or services listening. Being on the same machine means relatively little.
In short, they are two different interfaces (192.168.1.97 vs 127.0.0.1), and may have different firewall rules applied and/or services listening. Being on the same machine means relatively little.
answered 2 hours ago
JohnJohn
11.7k11931
11.7k11931
add a comment |
add a comment |
why does nmap 127.0.0.1 return more services than nmap 192.168.1.97?
Because to improve security many services are configured by default to only listen on 127.0.0.1 (and/or the IPv6 equivilent ::1)
Does a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
No
Generally a service can create a listening socket to listen on.
- A specific IP, such a listening socket will only accept traffic destined for that specific IP.
- 0.0.0.0 , this will accept traffic to all IPv4 IPs assigned to the machine.
- :: this will accept traffic to all IPv6 IPs assigned to the machine. It may or may not accept traffic destined to IPv4 IPs on the machine depending on the particular OS, system wide configuration and socket-specific options.
add a comment |
why does nmap 127.0.0.1 return more services than nmap 192.168.1.97?
Because to improve security many services are configured by default to only listen on 127.0.0.1 (and/or the IPv6 equivilent ::1)
Does a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
No
Generally a service can create a listening socket to listen on.
- A specific IP, such a listening socket will only accept traffic destined for that specific IP.
- 0.0.0.0 , this will accept traffic to all IPv4 IPs assigned to the machine.
- :: this will accept traffic to all IPv6 IPs assigned to the machine. It may or may not accept traffic destined to IPv4 IPs on the machine depending on the particular OS, system wide configuration and socket-specific options.
add a comment |
why does nmap 127.0.0.1 return more services than nmap 192.168.1.97?
Because to improve security many services are configured by default to only listen on 127.0.0.1 (and/or the IPv6 equivilent ::1)
Does a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
No
Generally a service can create a listening socket to listen on.
- A specific IP, such a listening socket will only accept traffic destined for that specific IP.
- 0.0.0.0 , this will accept traffic to all IPv4 IPs assigned to the machine.
- :: this will accept traffic to all IPv6 IPs assigned to the machine. It may or may not accept traffic destined to IPv4 IPs on the machine depending on the particular OS, system wide configuration and socket-specific options.
why does nmap 127.0.0.1 return more services than nmap 192.168.1.97?
Because to improve security many services are configured by default to only listen on 127.0.0.1 (and/or the IPv6 equivilent ::1)
Does a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
No
Generally a service can create a listening socket to listen on.
- A specific IP, such a listening socket will only accept traffic destined for that specific IP.
- 0.0.0.0 , this will accept traffic to all IPv4 IPs assigned to the machine.
- :: this will accept traffic to all IPv6 IPs assigned to the machine. It may or may not accept traffic destined to IPv4 IPs on the machine depending on the particular OS, system wide configuration and socket-specific options.
answered 1 hour ago
plugwashplugwash
1,901619
1,901619
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f508229%2fwhy-nmap-192-168-1-97-returns-less-services-than-nmap-127-0-0-1%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Because not all services are listening on the external interface?
– Kusalananda
3 hours ago
3
Possible duplicate of Difference between `nmap local-IP-address` and `nmap localhost`
– Jeff Schaller
3 hours ago
Seems to me that Rui's Answer there applies here.
– Jeff Schaller
3 hours ago
@Kusalananda In particular, does nmap 127.0.0.1 necessarily also return those services returned by nmap 192.168.1.97? Does a server listening at
192.168.1.97
necessarily also listen at127.0.0.1
?– Tim
3 hours ago
They're different addresses, why would a server listening at 192.168.1.97 necessarily also listen at 127.0.0.1?
– 炸鱼薯条德里克
1 hour ago