NMAP host discovery reporting discrepant results between NAT and Bridged mode
I figured this would be the most relevant place to ask this question. I'm using a Kali VM to run some network scans. The results are different depending on whether my network interface is bridged or NATed.
Running this scan nmap -sn 192.168.1.0/24 in NAT reports all 256 IPs as online hosts. The same scan in bridged reports the correct number of 5 online hosts. Note that this is from a freshly downloaded VM with no changes done on it.
Why the difference? I'm guessing there must be some issue with ICMPs or ARPs coming through? Could this be a config issue on my host (fresh LTS Ubuntu 14.04)?
I would be interested in understanding the reason and also any fixes. I'd like to have accurate host discovery without having to bridge every time.
EDIT: I am using VirtualBox 4.3.36.
