Re: cannot scan

["Verde Denim" <tdldev () gmail com>]

On Sun, Oct 19, 2008 at 10:17 PM, David Fifield <david () bamsoftware com>wrote:

> On Sun, Oct 19, 2008 at 09:44:34PM -0400, Verde Denim wrote:
> > I sent a message to the list earlier regarding this, but am not sure it
> went
> > through. Please excuse if it is already in circulation
> > I am trying to learn to use nmap.
> > I have installed nmap/zenmap (latest version for win) with winpcap
> > when I run any scans I have to use the --unprivileged option since I am
> > running with a wireless card which uses ppp0
> > All scans return the same error
> >
> > sample scan:
> > nmap -T4 --version-light -sV -F -O c--unprivileged scan.target.com
> >
> > constant error output (regardless of target)
> > TCP/IP fingerprinting (for OS scan) requires that WinPcap version 3.1 or
> > higher and iphlpapi.dll be installed.
> > You seem to be missing one or both of these.  Winpcap is available from
> > http://www.winpcap.org.  iphlpapi.dll
> > comes with Win98 and later operating sytems and NT 4.0 with SP4 or
> greater.
> > For previous windows versions, you may be able to take iphlpapi.dll from
> > another system and place it in your
> > system32 dir (e.g. c:\windows\system32).
> >
> > QUITTING!
>
> A limitation of Nmap on Windows is that in can only do raw-packet scans
> on Ethernet devices. That's why you have to use --unprivileged on your
> ppp0 interface. Unfortunately that means you can't run OS scan either.
>
> The error message is misleading. It really should say "TCP/IP
> fingerprinting (for OS scan) requires raw packets" or something like
> that. The error message is assuming that the only way you could fail to
> have "root privileges" (in terms of raw packet sending) on Windows is
> that WinPcap is not installed. However you have shown that it can also
> be caused by the use of --unprivileged.
>
> The error message should not be too hard to fix. Does anyone have an
> opinion as to the wording, or can you think of any other corner cases to
> cause this error?
>
> David Fifield


David
Thanks for replying. I was beginning to get a bit mental trying to figure
this out.
So, in a nutshell, I cannot use (or should not) use nmap on windows with a
wireless card.
It's disappointing since I need to learn to use this tool for my job, and
the wireless card is my only Internet access at the moment.
Is this a function of the limitation of nmap, or is it a function of the way
packets are processed on the Internet?
Is nmap planned to include functionality to run with a wireless card without
the --unprivileged restriction?
Do you know of another tool which may provide fingerprinting capability with
this setup (winxp/wireless card) ?

As to the message, my vote would be to simply detect the --unprivileged
option on the command line, and report that
fingerprinting is not available with this option. Something like
"You have selected --unprivileged as an argument, which cannot be coupled
with OS/fingerprinting."

I would also add some install notes for nmap to caution users that ppp0 will
eliminate all but the most rudimentary functions of nmap.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org