If the all ports are filtered or closed as result of nmap scan, what would be the next logical step to take?

Is that mean I would need to get a physical access to the device? or is there any other ways to get information, I’m trying to scan my own smartphone and all the ports are closed, and I did the same with my laptop and all the ports were filtered, so, I’m kind of stuck. On the other hand, all the information I found on Internet is relying on getting more results with differents nmap scans, so I guess my real question here is , Is there any other software, teqnique or anything to do that’s not involving nmap? `

(This is not a question about what does mean filtered or closed)

`

Why does my Query use a Bitmap Heap Scan

my simple query is not really fast and I don’t know why my query is using Bitmap Heap Scan.

explain analyze verbose SELECT connections, epoch_time FROM connections WHERE host_name = ‘xyz.z’ ORDER BY epoch_time;

Output:

                                                           QUERY PLAN 

Sort (cost=3257.93..3316.47 rows=23415 width=13) (actual time=8.607..9.624 rows=23259 loops=1) Output: connections, epoch_time Sort Key: connections.epoch_time Sort Method: quicksort Memory: 1859kB -> Bitmap Heap Scan on public.connections (cost=545.88..1558.57 rows=23415 width=13) (actual time=1.341..5.840 rows=23259 loops=1) Output: connections, epoch_time Recheck Cond: ((connections.host_name)::text = ‘xyz.z’::text) Heap Blocks: exact=651 -> Bitmap Index Scan on idx_host_name (cost=0.00..540.03 rows=23415 width=0) (actual time=1.266..1.266 rows=23259 loops=1) Index Cond: ((connections.host_name)::text = ‘xyz.z’::text) Planning Time: 0.171 ms Execution Time: 10.405 ms (12 rows)

The table has 97806 rows and I have created an index on the field epoch_time. The table has 4 columns (id, host_name, connections, epoch_time)

Thanks for your help!

Best regards

Chrome Vulnerabilities are detected in vulnerability scan even after upgraded with latest versions

Had few chrome vulnerabilities [CVE-2020-6420] detected by BI(Retina). Upgraded the affected machines to chrome version 84.0.4147.89. After re-scan still the same vulnerabilities are detected.

Anyone experienced it before ? please help to resolve

I can’t find my switch’s ip by both ARP and ICMP protocols scan with nmap

My switch is a TP-Link TL-SG105E perfectly function, but I can’t access to it because, it’s like hidden somehow from the network. I used tools like Netdiscover:

netdiscover -I wlp2s0 -r 192.168.0.0/24

and Nmap:

nmap -PR 192.168.1.0/24 nmap -SP 192.168.1.0/24

and I tried to find it via open port 80

nmap -p 80 192.168.1.0/24

And many other tests. All of them gave me the same result but not my switch IP or mac address. I’m wondering how it is possible that a fully functional device which previously could identify even the operating system now can’t find it on the network and still work without responding to the ARP ICMP HTTP protocols. It’s not even listed in Router’s DHCP address table. How can it still work? And how can it not be found after scanning the network? And for those who wonder, I hit the reset button and it’s still the same.

Thank you all for your time.

How can I scan for a specific CVE on my own hosts?

We have an application which was vulnerable to CVE-2019-18935 and a malious file was injected into a temp folder (but not executed it seems). We have now resolved the issue by updating a 3rd party Telerik library, but it occurs to me that we could/should have known about our exposure to this much earlier than this month (May 2020) so I’ve been trying to find out how I could have scanned for this vulnerabilty in advance of being exploited?

I have tried to use Kali Linux’s nmap, with the “vulners” script, but it returns several CVEs (which seem to be false positives) and don’t mention the “biggie” which is the Telerik one: https://nvd.nist.gov/vuln/detail/CVE-2019-18935

enter image description here I had updated nmap and the databases (from their original Git source) so why would it not know about (or fail to detect) CVE-2019-18935?

Host not connected to my router shows up in a nmap scan

After scanning my local network with nmap, this host shows up listed as a nmap result but it is the only host that shows on nmap that is not listed as a client on my router list of connected devices.

❯ nmap 192.168.0.xxx -A                                                                                                                                                                  Starting Nmap 7.80 ( https://nmap.org ) at 2020-04-21 14:33 -03 Nmap scan report for 192.168.0.xxx Host is up (0.0056s latency). Not shown: 998 closed ports PORT     STATE SERVICE VERSION 6666/tcp open  upnp    MiniUPnP 1.6 (Linksys/Belkin WiFi range extender; SDK 4.1.2.0; UPnP 1.0; MTK 2.001) |_irc-info: Unable to open connection 8888/tcp open  upnp    MiniUPnP 1.6 (Linksys/Belkin WiFi range extender; SDK 4.1.2.0; UPnP 1.0; MTK 2.001)  Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 37.47 seconds 

What exactly about this host might be causing it to show on nmap in my local network if its not connected to my router?