* Lee Garrett: > $ nmap -6 2a01:4f8:231:161c::1 > Starting Nmap 7.95 ( https://nmap.org ) at 2025-02-19 16:58 CET > Note: Host seems down. If it is really up, but blocking our ping probes, try > -Pn > Nmap done: 1 IP address (0 hosts up) scanned in 0.10 seconds > > I'd expect nmap to show the host as up since I can ping that address. Using > -Pn > scan the host and shows the open ports correctly.
Curious, this does not happen hereā¢ for other hosts, but for the address you tried. Using tcpdump, I don't even see anything resembling "ping probes", but failing attempts to 80/tcp, 443/tcp: ,---- | $ sudo tcpdump -ni enp9s0 ip6 host 2a01:4f8:231:161c::1 | tcpdump: verbose output suppressed, use -v[v]... for full protocol decode | listening on enp9s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes | 18:46:07.083120 IP6 <MY-ADDRESS>.47374 > 2a01:4f8:231:161c::1.80: Flags [S], seq 1605758339, win 64440, options [mss 1432,sackOK,TS val 1103345539 ecr 0,nop,wscale 7], length 0 | 18:46:07.087845 IP6 <MY-ADDRESS>.41286 > 2a01:4f8:231:161c::1.443: Flags [S], seq 3130674863, win 64440, options [mss 1432,sackOK,TS val 1103345539 ecr 0,nop,wscale 7], length 0 | 18:46:07.100433 IP6 2a01:4f8:231:161c::1 > <MY-ADDRESS>: ICMP6, destination unreachable, unreachable prohibited 2a01:4f8:231:161c::1, length 88 | 18:46:07.105415 IP6 2a01:4f8:231:161c::1 > <MY-ADDRESS>: ICMP6, destination unreachable, unreachable prohibited 2a01:4f8:231:161c::1, length 88 `---- Apparently ICMP messages are only generated if nmap is run as root and those TCP connection attempts serve as a backup. Cheers, -Hilko
