Re: dhcp script!

[David Fifield <david () bamsoftware com>]

On Tue, Sep 08, 2009 at 01:21:38PM -0600, David Fifield wrote:
> On Tue, Sep 08, 2009 at 03:01:20PM -0400, Walt Scrivens wrote:
> > No, it still doesn't do anything, just skips the "Host seems down"  
> > message:
> >
> > *********************
> > sh-3.2# nmap -PN -d -sU -p67 --script=dhcp-inform 192.168.1.1
> >
> > Starting Nmap 5.00 ( http://nmap.org ) at 2009-09-08 14:59 EDT
> > --------------- Timing report ---------------
> >   hostgroups: min 1, max 100000
> >   rtt-timeouts: init 1000, min 100, max 10000
> >   max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
> >   parallelism: min 0, max 0
> >   max-retries: 10, host-timeout: 0
> >   min-rate: 0, max-rate: 0
> > ---------------------------------------------
> > NSE: Loaded 1 scripts for scanning.
> > Warning: Unable to open interface vmnet8 -- skipping it.
> > Warning: Unable to open interface vmnet1 -- skipping it.
> > Initiating ARP Ping Scan at 14:59
> > Scanning 192.168.1.1 [1 port]
> > Packet capture filter (device en1): arp and ether dst host 00:23:6C: 
> > 99:EB:B1
> > Completed ARP Ping Scan at 14:59, 0.21s elapsed (1 total hosts)
> > Overall sending rates: 9.35 packets / s, 392.89 bytes / s.
> > mass_rdns: Using DNS server 208.67.222.222
> > mass_rdns: Using DNS server 208.67.220.220
> > Read from /usr/local/share/nmap: nmap-services.
> > Nmap done: 1 IP address (0 hosts up) scanned in 0.30 seconds
> >            Raw packets sent: 2 (84B) | Rcvd: 0 (0B)
>
> Try with -PN --send-ip. Maybe something is up with ARP ping.

It turns out this problem is already solved, but you need an Nmap newer
than 5.00, which at the moment means building from Subversion. Please
see

http://seclists.org/nmap-dev/2009/q3/0281.html
http://seclists.org/nmap-dev/2009/q3/0904.html

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org