Nmap Development mailing list archives

Re: nmap on OpenBSD 4.5 -stable and OpenBSD -current (4.6)

From: David Fifield <david () bamsoftware com>
Date: Wed, 22 Jul 2009 09:41:57 -0600

On Tue, Jul 21, 2009 at 11:50:33PM -0500, Vijay Sankar wrote:

Just thought I would report the following in case there are any simple  
things I can do to help out. If there is, please let me know.

I am not able to run nmap as root (--send-ip works, however) on OpenBSD  
4.5 -stable. Compiled it with a ./configure, make and make install.  
Zenmap works very well with OpenBSD's Python 2.5.4 package. Also tried  
OpenBSD -current as of 1430 hours CDT July 22, 2009 with the same 
results.

As a regular user,

server11$ nmap -v -A server2.sankars.local

Starting Nmap 5.00 ( http://nmap.org ) at 2009-07-21 23:28 CDT
Interesting ports on server2.sankars.local (10.0.0.102):
Not shown: 996 closed ports
PORT     STATE SERVICE     VERSION
22/tcp   open  ssh         OpenSSH 5.2 (protocol 2.0)
|  ssh-hostkey: 1024 85:fd:f8:d7:23:2b:35:cc:88:6c:69:01:51:53:70:24 (DSA)
|_ 2048 43:4c:30:6b:16:f6:25:7d:ed:34:af:2a:42:88:8a:69 (RSA)
139/tcp  open  netbios-ssn Samba smbd 3.X (workgroup: MYGROUP)
445/tcp  open  netbios-ssn Samba smbd 3.X (workgroup: MYGROUP)
6000/tcp open  X11         (access denied)
Service Info: OS: Unix

As root,

server11# nmap -v -A server2.sankars.local

Starting Nmap 5.00 ( http://nmap.org ) at 2009-07-21 23:43 CDT
NSE: Loaded 30 scripts for scanning.
Initiating ARP Ping Scan at 23:43
Scanning 10.0.0.102 [1 port]
Completed ARP Ping Scan at 23:43, 0.23s elapsed (1 total hosts)
Read data files from: /usr/local/share/nmap
Note: Host seems down. If it is really up, but blocking our ping probes,  
try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 0.58 seconds
          Raw packets sent: 2 (84B) | Rcvd: 0 (0B)


As Brandon suggested, I think this is caused by the target operating
system sending its ARP replies to the broadcast address instead of
sending them unicast to the sending address. I committed a fix for this
in r14498; please try it.

What operating system and version is the target? So far this has been
reported when scanning Windows 7 and Solaris 10. The operating system
detection says this is OpenBSD.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

nmap on OpenBSD 4.5 -stable and OpenBSD -current (4.6) Vijay Sankar (Jul 21)
- Re: nmap on OpenBSD 4.5 -stable and OpenBSD -current (4.6) Brandon Enright (Jul 22)
  - Re: nmap on OpenBSD 4.5 -stable and OpenBSD -current (4.6) Vijay Sankar (Jul 22)
- Re: nmap on OpenBSD 4.5 -stable and OpenBSD -current (4.6) David Fifield (Jul 22)
  - Re: nmap on OpenBSD 4.5 -stable and OpenBSD -current (4.6) Vijay Sankar (Jul 22)