Nmap Development mailing list archives

Possible bug in nmap 4.11, operation not permitted error message on Linux without iptables enabled


From: Sebastian Wolfgarten <sebastian () wolfgarten com>
Date: Wed, 23 May 2007 22:00:04 +0200

Hi,

I am unsure whether I've hit a bug in nmap 4.11 but here is what I got:

# nmap -v -sS -sV -P0 -p0-65535 -O app02.imedo.de

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-05-23 21:41
CEST
DNS resolution of 1 IPs took 0.03s.
Initiating SYN Stealth Scan against 217.188.214.92 [65536 ports] at 21:41
Discovered open port 22/tcp on 217.188.214.92
SYN Stealth Scan Timing: About 3.59% done; ETC: 21:55 (0:13:26 remaining)
SYN Stealth Scan Timing: About 11.61% done; ETC: 21:50 (0:07:37 remaining)
SYN Stealth Scan Timing: About 41.98% done; ETC: 21:47 (0:03:15 remaining)
sendto in send_ip_packet: sendto(5, packet, 44, 0, 217.188.214.92, 16)
=> Operation not permitted
sendto in send_ip_packet: sendto(5, packet, 44, 0, 217.188.214.92, 16)
=> Operation not permitted
sendto in send_ip_packet: sendto(5, packet, 44, 0, 217.188.214.92, 16)
=> Operation not permitted
Stats: 0:04:50 elapsed; 0 hosts completed (1 up), 1 undergoing SYN
Stealth Scan
SYN Stealth Scan Timing: About 99.60% done; ETC: 21:46 (0:00:01 remaining)
The SYN Stealth Scan took 291.59s to scan 65536 total ports.
Initiating service scan against 1 service on 217.188.214.92 at 21:46
The service scan took 0.06s to scan 1 service on 1 host.
Warning:  OS detection will be MUCH less reliable because we did not
find at least 1 open and 1 closed TCP port
For OSScan assuming port 22 is open, 43229 is closed, and neither are
firewalled
Host 217.188.214.92 appears to be up ... good.
Interesting ports on 217.188.214.92:
Not shown: 65535 filtered ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 4.3p2 Debian 9 (protocol 2.0)
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SInfo(V=4.11%P=x86_64-pc-linux-gnu%D=5/23%Tm=46549A0F%O=22%C=-1)
TSeq(Class=RI%gcd=1%SI=40E314%IPID=Z)
T1(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T5(Resp=N)
T6(Resp=N)
T7(Resp=N)
PU(Resp=N)
TCP Sequence Prediction: Class=random positive increments
                         Difficulty=4252436 (Good luck!)
IPID Sequence Generation: All zeros
Service Info: OS: Linux

Nmap finished: 1 IP address (1 host up) scanned in 294.533 seconds
               Raw packets sent: 131143 (5.771MB) | Rcvd: 73 (3662B)

Now my question is: Why am I getting these "operation not permitted"
error messages if I don't have iptables rules set? Here is the output of
iptables:

# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

# iptables -t filter -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

My kernel is 2.6.17-gentoo-r8 on Gentoo Linux. Before I start looking
into the nmap code (probably gonna take a long time to understand it),
do you guys have any idea what causes this message "sendto in
send_ip_packet: sendto(5, packet, 44, 0, 217.188.214.92, 16) =>
Operation not permitted"?

Thank you and best regards,
Sebastian



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

