masscan
For some IPs, masscan can't find any port, but nmap is OK. And there are many such IPs. Please!
## masscan result

```
[root@localhost ~]# masscan -v -p1-65535 120.193.84.13 --rate 2000
pcap: found library: libpcap.so
if: initializing adapter interface
if:enp0s31f6: type=ethernet(1)
if:enp0s31f6: pcap=libpcap version 1.5.3
if:enp0s31f6: successfully opened
if:enp0s31f6: looking for default gateway
if:enp0s31f6:arp: resolving IPv4 address
if:enp0s31f6: initialization done.
THREAD: recv: starting thread #0
THREAD: xmit: starting thread #0
Starting masscan 1.0.6 (http://bit.ly/14GZzcT) at 2019-09-23 13:13:29 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 1 hosts [65535 ports/host]
THREAD: status: starting thread
maxrate = 2000.00
THREAD: recv: starting main loop
THREAD: xmit done, waiting for receive thread to realize this
THREAD: recv: stopping thread #0waiting 0-secs, found=0
THREAD: xmit: stopping thread #0
THREAD: status: stopping thread waiting 0-secs, found=0
```
## nmap result

```
[root@localhost ~]# nmap -sT -T4 -v -p1-65535 -n 120.193.84.13
Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-23 21:14 CST
Initiating Ping Scan at 21:14
Scanning 120.193.84.13 [4 ports]
Completed Ping Scan at 21:14, 0.05s elapsed (1 total hosts)
Initiating Connect Scan at 21:14
Scanning 120.193.84.13 [65535 ports]
Discovered open port 80/tcp on 120.193.84.13
Discovered open port 443/tcp on 120.193.84.13
Discovered open port 9004/tcp on 120.193.84.13
Connect Scan Timing: About 23.51% done; ETC: 21:16 (0:01:41 remaining)
Connect Scan Timing: About 59.73% done; ETC: 21:16 (0:00:41 remaining)
Discovered open port 3443/tcp on 120.193.84.13
Completed Connect Scan at 21:16, 87.96s elapsed (65535 total ports)
Nmap scan report for 120.193.84.13
Host is up (0.036s latency).
Not shown: 65531 filtered ports
PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
3443/tcp open  ov-nnm-websrv
9004/tcp open  unknown
```
There are many such cases.
Yes, I have that problem too. Maybe it's because the SYN packet doesn't have options. Some firewalls filter this kind of SYN packet.
A TCP option with MSS should solve the problem. nping also can't ping the address in your post because nping doesn't have an option header.
Add --tcp-mss as a masscan option?
I can confirm that this would be the solution. I also had a number of IP addresses that could not be scanned due to missing options in TCP header.
I now locally compile masscan applying the changes in this commit: https://github.com/adamhj/masscan/commit/42565abab2d4d64f37ab7b6818ad07ddcdd81110
Now, it also successfully scans the IP 120.193.84.13
One note regarding reproducibility:
- Scans work on my private local network without mss option
- Scans do not work as soon as my cloud provider is involved (e.g. via VPN or from his appliance) --> here I must apply the patch.
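Added example (not part of the thread, and not masscan's code): a small Python parser for checking whether a captured SYN carries an MSS option, which is the difference the comments above point to. The function names and the sample packets are constructed for illustration; paste the TCP header bytes from your own capture in their place.

```python
import struct

# TCP option kinds: 0=EOL, 1=NOP, 2=MSS, 3=window scale, 4=SACK permitted, 8=timestamps
OPTION_NAMES = {2: "mss", 3: "wscale", 4: "sack_permitted", 8: "timestamps"}

def parse_tcp_options(tcp: bytes) -> dict:
    """Return {option_name: value} for one TCP header (MSS as int, others raw bytes)."""
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    data_offset = (tcp[12] >> 4) * 4          # header length in bytes
    if data_offset < 20 or data_offset > len(tcp):
        raise ValueError("bad data offset")
    opts, i = {}, 20
    while i < data_offset:
        kind = tcp[i]
        if kind == 0:                         # end of option list
            break
        if kind == 1:                         # NOP padding is a single byte
            i += 1
            continue
        if i + 1 >= data_offset:
            raise ValueError("option length missing")
        length = tcp[i + 1]
        if length < 2 or i + length > data_offset:
            raise ValueError("bad option length")
        value = tcp[i + 2:i + length]
        name = OPTION_NAMES.get(kind, f"kind_{kind}")
        opts[name] = struct.unpack("!H", value)[0] if kind == 2 and length == 4 else value
        i += length
    return opts

def build_syn(sport: int, dport: int, options: bytes = b"") -> bytes:
    """Constructed sample SYN header (checksum left at 0; used for parsing only)."""
    options += b"\x01" * (-len(options) % 4)  # pad to a 32-bit boundary with NOPs
    offset_flags = ((5 + len(options) // 4) << 12) | 0x002   # data offset + SYN flag
    return struct.pack("!HHIIHHHH", sport, dport, 1000, 0,
                       offset_flags, 1024, 0, 0) + options

def is_bare_syn(tcp: bytes) -> bool:
    """True for a SYN (no ACK) without an MSS option, the packet shape the thread blames."""
    syn_only = bool(tcp[13] & 0x02) and not (tcp[13] & 0x10)
    return syn_only and "mss" not in parse_tcp_options(tcp)

BARE_SYN = build_syn(40000, 443)                        # 20-byte header, no options
MSS_SYN = build_syn(40000, 443, b"\x02\x04\x05\xb4")    # MSS = 1460

if __name__ == "__main__":
    for label, pkt in (("no options", BARE_SYN), ("with MSS", MSS_SYN)):
        print(label, parse_tcp_options(pkt), "bare SYN:", is_bare_syn(pkt))
```

Running this against the SYN each tool actually puts on the wire (taken from a packet capture on the scanning host) shows whether the two differ in their options before any patching.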
--tcp-mss doesn't work for me. How do I use it?
I have the same problem (OS X); using --tcp-mss didn't solve the problem.
Just discovered this today too. I VPN into Azure and nmap can return port 445 open, but masscan returns nothing when I specify that single port. It actually returns nothing against all the IPs on Azure, but nmap does on some. Any thoughts?