Re: Nmap 4.21alpha4 Issue?

["Brett Cunningham" <cssniper22 () gmail com>]

I should have read more carefully your output. Refer to: "Skipping SYN
Stealth Scan against 10.1.20.90 because Windows does not
support scanning your own machine (localhost) this way." Nmap does recognize
your local host and acts accordingly (by skipping your localhost). This does
not actually seem to be the problem.

I cannot seem to reproduce the errors. Could you please provide the exact
arguments, along with Nmap, Winpcap and Windows version. Lastly, the output
from 'ipconfig /all' could further assist in troubleshooting.

On 4/17/07, alan () ajsquared us <alan () ajsquared us> wrote:
> Brett,
>
> Thanks for the reply... i figured the limitation was windows, but one
> may often want to easily scan their own range so it gets more
> tricky.... I hate to crash just because something Windows can't handle
> it if Nmap could just say "Windows can't do X.... we are excluding Y".
>
> That is why i was thinking an exclusion....
>
>
> I tried your example as-is and got the following:
> C:\Util\Nmap>nmap -sS -p80 -P0 192.168.1.1/24 -packet_trace -n -S 192.16
> 8.1.108 -e eth0
>
> Starting Nmap 4.21ALPHA4 ( http://insecure.org ) at 2007-04-17 16:21
> Central Day
> light Time
> NmapArpCache() can only take IPv4 addresses.  Sorry
> QUITTING!
>
>
>
> Then I adjusted for my IP address and go the same thing:
> C:\Util\Sniffer\Nmap>nmap -sS -p80 -P0 10.1.20.1/24 -packet_trace -n -S
> 10.1.20.
> 108 -e eth0
>
> Starting Nmap 4.21ALPHA4 ( http://insecure.org ) at 2007-04-17 16:24
> Central Day
> light Time
> NmapArpCache() can only take IPv4 addresses.  Sorry
> QUITTING!
>
>
> thanks
>
> Alan
>
>
>
>
>
> > -------- Original Message --------
> > Subject: Re: Nmap 4.21alpha4 Issue?
> > From: "Brett Cunningham" <cssniper22 () gmail com>
> > Date: Tue, April 17, 2007 2:55 pm
> > To: "alan () ajsquared us" <alan () ajsquared us>, nmap-dev () insecure org
> >
> > The issue of not being able to scan localhost is a limitation in
> > Windows. That's a good point that maybe nmap should exclude itself, or
> > use some sort of work around. For now, see if the following example
> > works: *nmap -sS -p80 -P0 192.168.1.1/24 -packet_trace -n -S
> > 192.168.1.108 -e eth0 * ref.:
> > http://seclists.org/nmap-dev/2006/q1/0318.html On 4/17/07,
> > alan () ajsquared us  wrote: > > When I try and scan a subnet 1.2.3.*
> > that I am on I have found Nmap > seems to quit early. I don't remember
> > it doing that in the past > (several versions ago) > > I am assuming
> > this is not a problem with WinPcap? > > If Nmap can's can it's own
> > host on Windows could there be an automated > exclusion so the program
> > just excludes the IP address? > > Here is what happens after scanning
> > many hosts.... > > > > Initiating ARP Ping Scan at 10:51 > Scanning
> > 165 hosts [1 port/host] > Completed ARP Ping Scan at 10:51, 0.67s
> > elapsed (165 total hosts) > Initiating Parallel DNS resolution of 165
> > hosts. at 10:51 > Completed Parallel DNS resolution of 165 hosts. at
> > 10:51, 9.01s elapsed > Skipping SYN Stealth Scan against 10.1.20.90
> > because Windows does not > support sc > anning your own machine
> > (localhost) this way. > Initiating Service scan at 10:51 > Skipping OS
> > Scan against 10.1.20.90 because it doesn't work against your > own mac
> > > hine (localhost) > pcap_open_live(lo0, 100, 0, 2) FAILED. Reported
> > error: Error opening > adapter: Th > e system cannot find the device
> > specified. (20). Will wait 5 seconds > then retry > . >
> > pcap_open_live(lo0, 100, 0, 2) FAILED. Reported error: Error opening >
> > adapter: Th > e system cannot find the device specified. (20). Will
> > wait 25 seconds > then retr > y. > Call to pcap_open_live(lo0, 100, 0,
> > 2) failed three times. Reported > error: Error > opening adapter: The
> > system cannot find the device specified. (20) > There are several
> > possible reasons for this, depending on your operating > system: > >
> > LINUX: If you are getting Socket type not supported, try modprobe >
> > af_packet or r > ecompile your kernel with SOCK_PACKET enabled. >
> > *BSD: If you are getting device not configured, you need to recompile
> > > your kern > el with Berkeley Packet Filter support. If you are
> > getting No such file > or dire > ctory, try creating the device (eg cd
> > /dev; MAKEDEV ; or use > mknod). > *WINDOWS: Nmap only supports
> > ethernet interfaces on Windows for most > operations > because
> > Microsoft disabled raw sockets as of Windows XP SP2. Depending > on
> > the > reason for this error, it is possible that the --unprivileged >
> > command-line argum > ent will help. > SOLARIS: If you are trying to
> > scan localhost and getting '/dev/lo0: No > such fil > e or directory',
> > complain to Sun. I don't think Solaris can support > advanced lo >
> > calhost scans. You can probably use "-P0 -sT localhost" though. > > >
> > QUITTING! > > > > > > _______________________________________________
> > > Sent through the nmap-dev mailing list >
> > http://cgi.insecure.org/mailman/listinfo/nmap-dev > Archived at
> > http://SecLists.Org > _______________________________________________
> > Sent through the nmap-dev mailing list
> > http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at
> > http://SecLists.Org
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org