Re: -sO for IPv6

[Daniel Miller <bonsaiviking () gmail com>]

On 06/14/2011 03:15 PM, David Fifield wrote:
> I've just added support for -6 -sO (IPv6 protocol scan). This works by
> scanning all 256 possible values of the Next Header field, which is
> analogous to the Protocol field in IPv4. Instead of ICMP Protocol
> Unreachable to mean a closed protocol, it uses ICMPv6 Parameter Problem,
> Unrecognized Next Header. Here is the output of scanning scanme.
>
> # nmap -sO -6 scanmev6.nmap.org --reason
> Nmap scan report for scanmev6.nmap.org (2600:3c01::f03c:91ff:fe93:cd19)
> Host is up, received echo-reply (0.013s latency).
> Scanned at 2011-06-14 12:37:50 PDT for 382s
> Not shown: 241 closed protocols
> Reason: 241 param-problems
> PROTOCOL STATE         SERVICE    REASON
> 0        open|filtered hopopt     no-response
> 4        open|filtered ip         no-response
> 6        open          tcp        proto-response
> 17       open          udp        port-unreach
> 41       open|filtered ipv6       no-response
> 43       open|filtered ipv6-route no-response
> 44       open|filtered ipv6-frag  no-response
> 50       open|filtered esp        no-response
> 51       open|filtered ah         no-response
> 58       open          ipv6-icmp  proto-response
> 59       open|filtered ipv6-nonxt no-response
> 60       open|filtered ipv6-opts  no-response
> 108      open|filtered ipcomp     no-response
> 132      open|filtered sctp       no-response
> 136      open|filtered udplite    no-response
>
> David Fifield
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
Cool.

Works fine for me!

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/