Nmap Development mailing list archives
Deny/Reject patch
From: Guillaume Valadon <guillaume () valadon net>
Date: Wed, 24 Oct 2001 22:29:02 +0200
Hi, As seen in pen-test mailing list severals weeks ago some people find it usefull to know the kind of icmp unreachable we eventually got in response. Fyodor said it was easy to add this feature to nmap so there it is. (it may be ugly as i didn't nmap sources very well ...). # ./nmap -sS pouet -p 3 Starting nmap V. 2.54BETA29 ( www.insecure.org/nmap/ ) Interesting ports on pouet (1.2.3.4): Port State Service 3/tcp unr. (code 1) compressnet Nmap run completed -- 1 IP address (1 host up) scanned in 1 second It doesn't work for none root port scans types as the "only" way to know we got an icmp is to view it with a pcap. In fact, i made it "works" with linux and connect scan, quoting an old fyodor's paper: "While non-root users can't read port unreachable errors directly, Linux is cool enough to inform the user indirectly when they have been received." I became totally mad with my BSD before reading this two lines ... By the way, I have a question : why the lamer udp scan is gone ? To conclude this mail, i want to start a talk about the utility to fingerprints system with these icmp unreachable (if we got them, let's use them, it can't kill us), i worked a little on this topic and i still think it can "easily" be done. @+ -- mailto:guillaume () valadon net ICQ uin : 1752110 Page ouebe : http://guillaume.valadon.net "Everybody be cool. You be cool" - Seth Gecko
Attachment:
nmap-DENY_REJECT.patch.gz
Description:
--------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- Deny/Reject patch Guillaume Valadon (Oct 24)
- RE: Deny/Reject patch Ofir Arkin (Oct 24)
- Re: Deny/Reject patch Fyodor (Oct 24)
- RE: Deny/Reject patch Ofir Arkin (Oct 24)
- Re: Deny/Reject patch Guillaume Valadon (Oct 25)