Nmap Development mailing list archives
Re: Nmap ICMP/TCP Ping Insubordination
From: Martin Mačok <martin.macok () underground cz>
Date: Mon, 7 Jun 2004 12:29:04 +0200
On Mon, Jun 07, 2004 at 12:44:27PM +0300, Noam Rathaus wrote:
1) ./nmap-3.50/nmap -PT80 -sP -d -n www.microsoft.com (under the root user) (under the non-root user)
Any chance I can force connect() port ping instead of ACK (which is not quite the same as connect())?
Try -PS instead of -PT: if connect() is succesfull, -PS will be too. (or simply run it as non root) On Mon, Jun 07, 2004 at 12:48:58PM +0300, Noam Rathaus wrote:
Also, I noted that it still creates an ICMP capture filter under root, which would in the case of -PT/-PS/etc be unnecessary, unless that host is non-routeable.
It is useful exactly for this reason - if you get ICMP unreachable back, don't waste your time waiting for the timeout. (Actually, I have seen hosts that return ICMP destination/network unreachables while accepting TCP connections second later... which is the reason I don't use -P options in most Internet/non-sweep scenarious at all.) Martin Mačok IT Security Consultant --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- Nmap ICMP/TCP Ping Insubordination Noam Rathaus (Jun 07)
- Re: Nmap ICMP/TCP Ping Insubordination Martin Mačok (Jun 07)
- Re: Nmap ICMP/TCP Ping Insubordination Noam Rathaus (Jun 07)
- Re: Nmap ICMP/TCP Ping Insubordination Martin Mačok (Jun 07)
- Re: Nmap ICMP/TCP Ping Insubordination Noam Rathaus (Jun 07)
- Re: Nmap ICMP/TCP Ping Insubordination Noam Rathaus (Jun 07)
- Re: Nmap ICMP/TCP Ping Insubordination Martin Mačok (Jun 07)