Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Windows XP / 2003 (0 hosts up)

From: Andy Lutomirski <luto () stanford edu>
Date: Mon, 23 Feb 2004 11:19:24 -0800
I doubt that this changes fundamental network behavior, so I have two ideas:

1. It disables raw sockets.
2. It works around some other bug (i.e. my code is broken...)
3. It makes nmap think its on win95, making it fall back to a different code path somewhere. 

Could you try a few things:
Without the compat flag, run nmap --win_no_rawsock and see if it works. Also, send me nmap --win_trace --win_list_interfaces with and without the flag. 

Thanks,
Andy

Jason Komara wrote:

fyodor,

I have found a method to fix the issue with nmap reporting that a host is down when nmap is ran from Windows XP or Windows 
2003 Server.  I could not tell you what Microsoft changed in these newest OS's, but I have confirmed that the 
workaround works on both platforms.

If you use Microsofts compatability feature, you can fake XP or 2003 into thinking that it is being ran from various legas 
platforms... the key being the Windows 95 option.  The only problem is that Microsoft will not let you set this option on executables 
located on network shares.  The best way that I've found to get around this was to go right to the source... the registry keys 
that get set by running MS's wizard.  Below are the keys & values that will work:

HKCU (or HKLM)\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\%PATH_TO_EXE% (REG_SZ) = WIN95


That should be it... I am scannin' away on both my XP system & my 2003 server.  While looking for an answer to this 
question, I located many posts within forums, but they were all archived, so I could not post a reply.  I figured sending you 
this email would be the best method of getting this info out to the community.  Let me know how this works for you.  Thanks!!

Jason Komara


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org 




---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Previous By Date Next
Previous By Thread Next

Current thread: