Metasploit quick scan problem

[kruzhok]

I installed win xp on virtual machine, then i connected it to the internet, after that throw ipconfig i get ip address and then i gone back to the metasploit armitage installed on my win7.

I entered ip address copied in win xp, into the "quick scan (os detect)" field. He wrote that process is done, but i don't see any hosts in my armitage.

In the console nmap wrote:

[*] Nmap: Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-11-22 05:59

[*] Nmap: Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn

[*] Nmap: Nmap done: 1 IP address (0 hosts up) scanned in 3.52 seconds

What's problem? Please help me to resolve that.

Sry for my english language skills

[digip]

Node is either not reachable, or not responding to a ping, try dbnmap scan with -PN to not ping it before scanning, which assumes its up, and will check it anyway. Also, various nmap scans can work around firewalls, forcing tcp rst packets and such, that give away open ports, like xmas tree scans or just trying to manually telnet to well known ports and see if you just get an open session. Not that you can do anything but if its open with no immediate disconnect until you type, those ports are open. More than liketly, firewall is blocking it though, or desitnation IP you added is not reachable.

[kruzhok]

Node is either not reachable, or not responding to a ping, try dbnmap scan with -PN to not ping it before scanning, which assumes its up, and will check it anyway. Also, various nmap scans can work around firewalls, forcing tcp rst packets and such, that give away open ports, like xmas tree scans or just trying to manually telnet to well known ports and see if you just get an open session. Not that you can do anything but if its open with no immediate disconnect until you type, those ports are open. More than liketly, firewall is blocking it though, or desitnation IP you added is not reachable.

what does it mean scan dbnmap with -pn?

i turn off firewall in my win xp;

IP is absolutely correct;

If you have a little time can you write step by step what i need to check, and what i need to do, cause it's my first day with metasploit and i am absolutely newbie.

[digip]

Basically, running nmap from within the msfconsole, so metasploit sees the nmap scan on the target in question. Don't expect just because its an XP machine, its going to be vulnerable to attack either. If its fully patched, you might need to do other attacks like web browser, quicktime, flash, pdf or java based attacks that you have to interact with or click on, like a PDF file that then connects back to the attacker machine.

db_nmap Executes nmap and records the output automatically

Try these:

http://en.wikibooks....UsingMetasploit

http://www.offensive...ashed/Main_Page

http://www.securitytube.net/video/1175

Edited November 23, 2012 by digip