Nmap Development mailing list archives

nmap -s[FNX] hangs


From: Jan Engelhardt <jengelh () linux01 gwdg de>
Date: Sun, 31 Dec 2006 17:38:45 +0100 (MET)

Hi list,

as soon as nmap 4.11 scans more than 20 closed ports in -sF, -sN or -sX 
mode, it hangs. This problem does not occur with nmap 3.81.

Take a look at what nmap/tcpdump (the latter of which runs in the 
background) gives:

# uname -r
2.6.18.5
# nmap -sF 127.0.0.1 -P0 -r -n -p 20-22 -T4
(20 closed, 21 open, 22 open)

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-12-31 17:28 CET
17:28:33.019391 IP 127.0.0.1.46912 > 127.0.0.1.20: F 1694783220:1694783220(0) win 1024
17:28:33.019441 IP 127.0.0.1.20 > 127.0.0.1.46912: R 0:0(0) ack 1694783221 win 0
17:28:33.019665 IP 127.0.0.1.46912 > 127.0.0.1.21: F 1694783220:1694783220(0) win 3072
17:28:33.019703 IP 127.0.0.1.46912 > 127.0.0.1.22: F 1694783220:1694783220(0) win 2048
(nothing happens; nmap waits and waits... same behavior with nmap 4.00)

OTOH:

# uname -r
2.6.13
# nmap -sF lo -p 22 -P0 -n
(22 open)

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-12-31 17:29 CET
17:29:48.134313 IP 127.0.0.1.63784 > 127.0.0.1.22: F 3481764187:3481764187(0) win 3072
17:29:49.144102 IP 127.0.0.1.63785 > 127.0.0.1.22: F 3481698650:3481698650(0) win 4096
Interesting ports on 127.0.0.1:
PORT   STATE         SERVICE
22/tcp open|filtered ssh

Nmap finished: 1 IP address (1 host up) scanned in 2.095 seconds

What's up here with nmap4?


        -`J'
-- 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
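The two captures in the post show the rule Nmap applies for -sF, -sN and -sX: the RST that port 20 sends back marks it closed, while the FINs to 21 and 22 that get no answer are what Nmap reports as open|filtered (the state shown in the 3.81 run). The script below is an added illustration of that decision rule, not code from the post or from Nmap itself: it parses the classic tcpdump notation quoted above and reproduces the classification. SAMPLE_CAPTURE (the four lines from the post, embedded as constructed input), LINE_RE, parse_capture, classify_stealth_scan and format_report are names chosen for this example. Because both ends of the loopback scan are 127.0.0.1, the scanner's address has to be passed in so that the direction of the FIN tells probe and reply apart.

```python
import re

# Constructed sample input: the four tcpdump lines quoted in the post above
# (classic tcpdump notation: flag letters F/S/R/P or "." right after the colon).
SAMPLE_CAPTURE = """\
17:28:33.019391 IP 127.0.0.1.46912 > 127.0.0.1.20: F 1694783220:1694783220(0) win 1024
17:28:33.019441 IP 127.0.0.1.20 > 127.0.0.1.46912: R 0:0(0) ack 1694783221 win 0
17:28:33.019665 IP 127.0.0.1.46912 > 127.0.0.1.21: F 1694783220:1694783220(0) win 3072
17:28:33.019703 IP 127.0.0.1.46912 > 127.0.0.1.22: F 1694783220:1694783220(0) win 2048
"""

# "<ts> IP <src>.<sport> > <dst>.<dport>: <flags> <rest>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>[\d.]+)\.(?P<sport>\d+) > "
    r"(?P<dst>[\d.]+)\.(?P<dport>\d+): (?P<flags>[FSRP.]+) (?P<rest>.*)$"
)


def parse_capture(text):
    """Yield (src, sport, dst, dport, flags, has_ack) for each TCP line tcpdump printed."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ICMP lines, truncated lines, etc. are ignored here
        yield (m["src"], int(m["sport"]), m["dst"], int(m["dport"]),
               m["flags"], "ack" in m["rest"].split())


def classify_stealth_scan(text, scanner_ip):
    """Apply the -sF/-sN/-sX decision rule to a capture.

    A probe is any segment the scanner sends without SYN, RST or ACK (FIN, NULL
    or Xmas).  An RFC 793 host answers such a segment with RST when the port is
    closed and stays silent when it is open, so:
        RST from target port  -> "closed"
        no reply at all       -> "open|filtered"
    scanner_ip is needed because in the post both ends are 127.0.0.1 and only
    the direction of the FIN tells probe and reply apart.
    """
    probed = {}       # (target_ip, target_port) -> scanner source port used
    rst_seen = set()  # (target_ip, target_port) that answered with RST
    for src, sport, dst, dport, flags, has_ack in parse_capture(text):
        is_probe = (src == scanner_ip and "S" not in flags
                    and "R" not in flags and not has_ack)
        if is_probe:
            probed[(dst, dport)] = sport
        elif "R" in flags and probed.get((src, sport)) == dport:
            # RST must come from the probed port back to the source port we used
            rst_seen.add((src, sport))
    return {key: ("closed" if key in rst_seen else "open|filtered")
            for key in sorted(probed)}


def format_report(states):
    """Render the result in the PORT/STATE layout Nmap uses."""
    lines = ["PORT   STATE"]
    for (_ip, port), state in states.items():
        lines.append(f"{port}/tcp".ljust(7) + state)
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(classify_stealth_scan(SAMPLE_CAPTURE, "127.0.0.1")))
```

Run against the first capture this prints port 20 as closed and 21 and 22 as open|filtered. Only TCP lines are parsed; an ICMP port-unreachable reply (which Nmap maps to filtered) has a different tcpdump line format and would need a separate pattern.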

