Nmap Development mailing list archives
Re: Raw IP NSE Functionality
From: Kris Katterjohn <katterjohn () gmail com>
Date: Fri, 26 Feb 2010 14:49:02 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/25/2010 04:03 PM, David Fifield wrote:
The BPF filter alone won't prohibit one script from receiving another script's packets. As I understand it, that's the purpose of the extra pcap_register step. You could make the matching more robust by registering all the information that you currently have in the BPF, which is the source and destination hosts as well as the source port.
After running into another seemingly unrelated problem last night, I moved to adding this additional data to the pcap_register() call.
This all looks good an ready to merge, once you add documentation for the nmap.get_ports function to nmap.luadoc and scripting.xml.
I've merged everything over in r16885. I'm thinking the script would be something good to add to the "Finding a Working Idle Scan Zombie Host" in the Idle Scan section of the Nmap Book; however, I'm not sure what my permissions are anymore so this may just be more of a suggestion. Thoughts?
David Fifield
Thanks for the help, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJLiDO+AAoJEEQxgFs5kUfuNrEQALianAT5MEgnFUH1hxoeLvRY bBRmAisLDY7GW0V2v1im08Uuyitj7fomMDiRc3nz25QnnBlNTuu7ccU8fWxIQ90V +mpAx+04/Z0ap1KwsHNLZZ/IMNHYPuMf4x4FfEjWCix7kEnT/CKOM71H15/F+PmQ /QPLrCIMqQ+ZrevL904Q08JlOm7w0lwSVRr0Xym4k1fm4NS5XXymQd+AfdVMQpA0 sB3FywpPe9HKgBHpZF0wp1r9KfSZ11E1WYRrD9nk+jA1hNwVfySqgG7GTpFssWYT uImBogZ+agcBqTGqg7GpQnUcZZk4fVSNRCHq8TOQsIRglwHWISv7uPO4r9ybKv7b Hc6lS+fVmkcE4ZwyOSHgfoeiFljG874UzMPg80OWaYwNnek/uJ+BsfNsnEsl9WJZ TFogA1REkkZzzKE4TQNfpGs5OMgxy5Sn7JRH7lAfHJkkYRMCR1TmXgaWr1j3c85C ZKJfniTVrGYCExck9hh8NDbmIaeHZkgu/a+vq54OAO6YBgRKh92GWBA+8N352QpS T953dln97u0+oAsG38rUhJ98w70ScrD+qnqAChF+uJ4FpDstLntqxwFwK5gZ4iJ+ +9l5a2wNkCt7+Z/UWV92o+uR8UMJ1hAQdQoDMuGAzya3PJVpGBMSbqJFv17h79/p G32lRymLCtdAaTXav2Pr =eG23 -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Raw IP NSE Functionality, (continued)
- Re: Raw IP NSE Functionality Patrick Donnelly (Feb 23)
- Re: Raw IP NSE Functionality Kris Katterjohn (Feb 23)
- Re: Raw IP NSE Functionality David Fifield (Feb 23)
- Re: Raw IP NSE Functionality David Fifield (Feb 25)
- Re: Raw IP NSE Functionality Kris Katterjohn (Feb 25)
- pcap_register David Fifield (Feb 25)
- Re: pcap_register majek04 (Feb 26)
- Re: pcap_register Kris Katterjohn (Feb 26)
- Re: Raw IP NSE Functionality kx (Feb 25)
- Re: Raw IP NSE Functionality David Fifield (Feb 25)
- Re: Raw IP NSE Functionality Kris Katterjohn (Feb 26)