Nmap Development mailing list archives
Re: [updated patch] Re: fragment scan got broken between 3.50 and 3.75
From: Fyodor <fyodor () insecure org>
Date: Sun, 30 Jan 2005 20:03:30 -0800
On Tue, Jan 11, 2005 at 02:01:54PM +0100, Martin Mačok wrote:
> I have again updated the patch since. Now the data payload MTU can be specified using "--mtu N" too. It also tries to fragment all packets (i.e. including pinging and OS fingerprinting besides just the scanning). The --packet_trace implementation was enhanced so now it tries to get more info from fragments than the previous one. For more, see http://Xtrmntr.org/ORBman/tmp/nmap/nmap-3.78-fragment.patch
Thanks - I have applied this for the next version of Nmap. I also went through your (long!) list of other patches at http://xtrmntr.org/ORBman/tmp/nmap/ and applied them all except for:

CONNECT-closedflitered - I'm not sure how common this API response is among platforms and it may confuse users.

defeat_ICMP_ratelimit - This will certainly speed things up, but there is a risk of decreasing accuracy.

detect_TARPIT - This is a very cool technique, but I'm not sure it belongs in the core distribution. For example, sometimes you might want to scan tarpits. If it just printed a note in verbose mode about potentially tarpitted hosts, that might be better.

option-max_retransmissions - This might generate "bug reports" because it only affects port scanning, and not other aspects that retransmit such as ping scanning, idle scan, or OS detection. But making it count in all these cases doesn't necessarily solve the problem, because you may not want to use the same value for every kind of retransmission. Making the -T variables control this is a good idea though, which I should probably implement. I'm just not sure I want a command-line parameter for it.

no_pcap_localhost_workaround - This might be OK, but I'm a wimp and am worried it would break something. My main concern is that I don't remember the exact problem that required this workaround in the first place. The workaround doesn't really hurt anything.

I hope to have a new version of Nmap out within a week or so.

Cheers,
Fyodor

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org