Nmap Development mailing list archives
Re: nmap target selection questions
From: Abuse007 <abuse007 () gmail com>
Date: Sun, 29 May 2011 17:33:17 +1000
Some of the addresses are multicast (e.g. 224.0.0.22) or broadcast (e.g. 255.255.255.255). For outbound traffic nmap may be confused about which interface to use as the egress since it is ambiguous, by using the -e the ambiguity is removed. The MAC addresses are based off the IP address so ARP is not used. For receiving multicast (considering 224.0.0.22) depending on the drivers, the interfaces may have to "subscribe" to the mcast otherwise they won't receive traffic destined to those addresses. I don't mean IGMP joins, as these are link local mcast addresses. On 28/05/2011, at 2:45 PM, David Fifield <david () bamsoftware com> wrote:
On Tue, May 24, 2011 at 02:53:21PM -0700, Dexter Liu wrote:Hi nmap-dev: I'm not sure this if this is the best place to post this (so if there's a better place please point the way!). I'm trying to use nmap to scan a whole bunch of IPs I got from an arp call on Windows. So I'm running something like this: C:\testing\nmap-5.21-win32\nmap-5.21\nmap.exe -sV -sS -sU -p T:22,T:23,T:80,T:135,T:139,T:445,T:235,T:61616,U:52311 -O --osscan-guess -T 4 -oX nmapoutput 192.168.104.1, 192.168.104.10, 192.168.104.31, 192.168.104.51, 192.168.104.71, 192.168.104.86, 192.168.104.176, 192.168.104.197, 192.168.104.234, 192.168.104.235, 192.168.105.18, 192.168.105.27, 192.168.106.4, 192.168.107.140, 192.168.107.255, 224.0.0.22, 224.0.0.252, 239.255.255.250, 255.255.255.255, 9.0.8.1, 9.0.9.1, 9.6.96.153, 9.6.96.179, 9.7.2.18, 9.7.2.62, 9.8.33.67, 9.8.33.80, 9.9.72.23, 9.12.178.42, 9.13.44.147, 9.13.44.148, 9.17.136.83, 9.17.205.111, 9.17.205.112, 9.17.205.114, 9.17.205.115, 9.17.205.116, 9.18.21.20, 9.18.24.55, 9.18.81.58, 9.18.96.68, 9.18.96.69, 9.23.139.100, 9.23.139.101, 9.25.130.38, 9.44.50.80, 9.44.50.100, 9.44.50.102, 9.44.50.104, 9.44.51.57, 9.45.114.169, 9.45.124.64, 9.51.48.10, 9.51.48.18, 9.51.48.132, 9.56.8.13, 9.56.248.124, 9.56.252.115, 9.56.252.116, 9.56.252.117, 9.56.252.118, 9.63.36.19, 9.63.40.12, 9.65.61.255, 9.177.11.162, 9.177.11.173, 224.0.0.22, 224.0.0.252, 239.255.255.250 nmap fails when at 244.0.0.22 with this error message: nexthost: Failed to determine dst MAC address for target 224.0.0.22 QUITTING! I have a couple of questions: -First is there a switch or option that lets me continue scanning the rest of the IPs even though nmap fails on a particular IP? If 244.0.0.22 was the first target I specified, I would have errored out at the beginning and gotten zero resultsNo. Ideally we would detect this as early in the scan as possible, so you could at least remove those addresses right away and now have to wait for a half-finished scan.-Second if I specify specific network interfaces with -e (specifically lo0), 244.0.0.22 scans as well, but other IPs fail. Is there a way I can specify a pool of network interfaces nmap should use when doing scanning, so that if one interface fails it can try again on another?No, sorry again. Currently the best you can do is split targets into groups and run them in separate scans, with a different interface for each. I don't think that a pool of interfaces is really what you want here, though. If Nmap can't find the proper interface it would still have trouble.-Also I thought nmap was supposed to automatically figure out interfaces to run the scan on. It seems to work the large majority of the time. Why did I have to -e for some of them to get results? What are different about those IPs?This likely depends on your specific routing table. Please send me the output of nmap --iflist Also, please try the latest version (5.51SVN) from http://nmap.org/download.html#windows and see if the problem has already been solved. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap target selection questions Dexter Liu (May 24)
- Re: nmap target selection questions David Fifield (May 27)
- Re: nmap target selection questions Abuse007 (May 29)
- Re: nmap target selection questions David Fifield (May 27)