Nmap Development mailing list archives
Re: EACCES on connect
From: David Fifield <david () bamsoftware com>
Date: Thu, 30 Aug 2007 23:04:28 -0600
On Thu, Aug 30, 2007 at 12:02:47AM -0700, Fyodor wrote:
On Thu, Aug 30, 2007 at 12:48:15AM -0600, David Fifield wrote:I suspect that his OS (Mac OS X) is not allowing him to ping broadcast addresses and connect is returning EACCES. Is this right, or has anyone else seen this? If so, we should add a case for EACCES and not mark the host up.Yes, I think that is somewhast common. My Linux box gives a different error ("Network is unreachable"). I agree the we should add a case for EACCES and not mark the host up. Ideally we should avoid this probe being retransmitted too. If there are probes to other ports, it might be best if we can keep those just in case only this one port is blocked (e.g. the machine may be configured to block outgoing requests to ports such as 25). And if those other probes are similarly blocked, they should go super quick. Obviously timing should not be updated based on these. If it is easier just to mark the whole target IP as down when you see the EACCESS, that is OK with me too. In the vast majority of cases, the IP will end up being marked as down anyway, I imagine.
Okay. The host is marked down. Any other outstanding probes will still be processed, but no more probes will be sent. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- EACCES on connect David Fifield (Aug 29)
- Re: EACCES on connect Fyodor (Aug 30)
- Re: EACCES on connect David Fifield (Aug 30)
- Re: EACCES on connect Fyodor (Aug 30)