Nmap Development mailing list archives
trouble with ping version 0.1BETA2
From: geca <geca () lansp ru>
Date: Tue, 24 Nov 2009 21:54:09 +0300
Hellow i did install nping version 0.1BETA2 for MAC os. I try make spoof IP address, but option --source-ip dont work: My network setings: ifconfig en1 en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::21e:c2ff:fea6:6a85%en1 prefixlen 64 scopeid 0x4 inet 10.71.0.100 netmask 0xfffff800 broadcast 10.71.7.255 ether 00:1e:c2:a6:6a:85 media: autoselect status: active supported media: autoselect run nping with options:nping --tcp-connect -p 111 --debug -c 1 --source-ip=10.1.1.1 --dest- ip=10.71.0.201
Nping will send packets in unprivileged mode using regular system callsStarting Nping 0.1BETA2 ( http://nmap.org/nping ) at 2009-11-24 21:47 MSK
Resolving specified targets... 1 target IP address determined. Next target returned by getNextTarget(): Targets[0/1] --> 10.71.0.201 NSOCK (0.0000s) msevent_new (IOD #NULL) (EID #12) NSOCK (0.0000s) Timer created - 1ms from now. EID 12 NSOCK (0.0000s) NSE #12: Adding event NSOCK (0.0000s) nsock_loop() started (timeout=1ms). 1 events pending NSOCK (0.0000s) wait_for_events NSOCK (0.0000s) before iterating, list 0 NSOCK (0.0000s) before iterating, list 1 NSOCK (0.0000s) before iterating, list 2 NSOCK (0.0000s) before iterating, list 3 NSOCK (0.0000s) before iterating 12 NSOCK (0.0000s) before iterating, list 4 NSOCK (0.0000s) list 3, iterating 12 NSOCK (0.0000s) NSE #12: Removing event from event_lists[3] NSOCK (0.0000s) Callback: TIMER SUCCESS for EID 12tcpconnect_event_handler(): Received callback of type TIMER with status SUCCESS
NSOCK (0.0000s) msevent_new (IOD #1) (EID #16)NSOCK (0.0000s) TCP connection requested to 10.71.0.201:111 (IOD #1) EID 16
NSOCK (0.0000s) NSE #16: Adding event SENT (0.0000s) Starting TCP Handshake > 10.71.0.201:111 NSOCK (0.0000s) msevent_delete (IOD #NULL) (EID #12) NSOCK (0.0000s) nsock_loop() started (timeout=1000ms). 1 events pending NSOCK (0.0000s) wait_for_events NSOCK (0.0010s) before iterating, list 0 NSOCK (0.0010s) before iterating 16 NSOCK (0.0010s) before iterating, list 1 NSOCK (0.0010s) before iterating, list 2 NSOCK (0.0010s) before iterating, list 3 NSOCK (0.0010s) before iterating, list 4 NSOCK (0.0010s) list 0, iterating 16 NSOCK (0.0010s) NSE #16: Removing event from event_lists[0] NSOCK (0.0010s) Callback: CONNECT SUCCESS for EID 16 [10.71.0.201:111]tcpconnect_event_handler(): Received callback of type CONNECT with status SUCCESS
RECV (0.0010s) Handshake with 10.71.0.201:111 completed NSOCK (0.0010s) msevent_delete (IOD #1) (EID #16) Next target returned by getNextTarget(): Targets[0/1] --> 10.71.0.201 Max rtt: 0.940ms | Min rtt: 0.940ms | Avg rtt: 0.940msTCP connection attempts: 1 | Successful connections: 1 | Failed: 0 (0.00%)
Tx time: 0.00073s | Tx bytes/s: 109589.04 | Tx pkts/s: 1369.86 Rx time: 0.00167s | Rx bytes/s: 23952.10 | Rx pkts/s: 599.16 Nping done: 1 IP address pinged in 0.00 secondsI watch tcpdump log on destination host (10.71.0.201) and i can't see spoofing IP addres.
I see reall ip address. It's bug? tcpdump -i eth0 -n port 111 -etcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes21:53:18.755522 00:1e:c2:a6:6a:85 > 00:20:ed:60:44:d6, ethertype IPv4 (0x0800), length 78: IP 10.71.0.100.60955 > 10.71.0.201.sunrpc: S 2429334520:2429334520(0) win 65535 <mss 1460,nop,wscale 3,nop,nop,timestamp 406321374 0,sackOK,eol> 21:53:18.755585 00:20:ed:60:44:d6 > 00:1e:c2:a6:6a:85, ethertype IPv4 (0x0800), length 74: IP 10.71.0.201.sunrpc > 10.71.0.100.60955: S 2655139069:2655139069(0) ack 2429334521 win 5792 <mss 1460,sackOK,timestamp 3934924864 406321374,nop,wscale 2> 21:53:18.756540 00:1e:c2:a6:6a:85 > 00:20:ed:60:44:d6, ethertype IPv4 (0x0800), length 66: IP 10.71.0.100.60955 > 10.71.0.201.sunrpc: . ack 1 win 65535 <nop,nop,timestamp 406321374 3934924864> 21:53:18.759123 00:1e:c2:a6:6a:85 > 00:20:ed:60:44:d6, ethertype IPv4 (0x0800), length 66: IP 10.71.0.100.60955 > 10.71.0.201.sunrpc: F 1:1 (0) ack 1 win 65535 <nop,nop,timestamp 406321374 3934924864> 21:53:18.759695 00:20:ed:60:44:d6 > 00:1e:c2:a6:6a:85, ethertype IPv4 (0x0800), length 66: IP 10.71.0.201.sunrpc > 10.71.0.100.60955: F 1:1 (0) ack 2 win 1448 <nop,nop,timestamp 3934924868 406321374> 21:53:18.760401 00:1e:c2:a6:6a:85 > 00:20:ed:60:44:d6, ethertype IPv4 (0x0800), length 66: IP 10.71.0.100.60955 > 10.71.0.201.sunrpc: . ack 2 win 65535 <nop,nop,timestamp 406321374 3934924868>
Best regards Evgeniy russia _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- trouble with ping version 0.1BETA2 geca (Nov 24)
- Re: trouble with ping version 0.1BETA2 David Fifield (Dec 22)