This is interesting. I had to modify it to nmap -A -T4 -p- -Pn <IP>.
It said the host is up with 0.077 seconds of latency. All 64k ports were scanned with 7 filtered tcp ports (host-unreachable) and the rest (no-response).
77ms of latency is pretty slow. Based off that I’d assume (but not rule out) that it’s not: on the machine you used to run nmap, not on ethernet, probably wifi with a shitty connection
So, some really dumb, likely irrelevant, questions that might spark an idea:
Do you see anything weird connected in the wifi client list? (You said it wasn’t given a dhcp lease, but it would still show as a wireless client even if it were static)
Are you running a VPN server or using VPN to bridge any networks?
You said you’re running dual WAN, are those configured properly and not leaking random internet shit into your LAN?
Do you have anything that might be running some kind of out-of-band management system like DRAC on a dell server?
What’s your IoT situation?
Do you have an on-site NVR for security cams?
Did you find the mac? If so what are the first 3 octets? Even if the vendor can’t be found, there’s always the chance some crazy ubernerd is going to recognize it. (If it’s 00:d0:2c or 44:d9:e7 I got ya covered)
Again, most of those are probably irrelevant, but throwing the thoughts out there :)
nmap -A -T4 -p- <IP>This is interesting. I had to modify it to nmap -A -T4 -p- -Pn <IP>.
It said the host is up with 0.077 seconds of latency. All 64k ports were scanned with 7 filtered tcp ports (host-unreachable) and the rest (no-response).
77ms of latency is pretty slow. Based off that I’d assume (but not rule out) that it’s not: on the machine you used to run nmap, not on ethernet, probably wifi with a shitty connection
So, some really dumb, likely irrelevant, questions that might spark an idea:
Do you see anything weird connected in the wifi client list? (You said it wasn’t given a dhcp lease, but it would still show as a wireless client even if it were static)
Are you running a VPN server or using VPN to bridge any networks?
You said you’re running dual WAN, are those configured properly and not leaking random internet shit into your LAN?
Do you have anything that might be running some kind of out-of-band management system like DRAC on a dell server?
What’s your IoT situation?
Do you have an on-site NVR for security cams?
Did you find the mac? If so what are the first 3 octets? Even if the vendor can’t be found, there’s always the chance some crazy ubernerd is going to recognize it. (If it’s 00:d0:2c or 44:d9:e7 I got ya covered)
Again, most of those are probably irrelevant, but throwing the thoughts out there :)
What’s weird about this is that it should be getting a response from IIS like you showed us in the screenshot.