Nmap Development mailing list archives

Re: Problem routing nmap scans


From: David Fifield <david () bamsoftware com>
Date: Sat, 29 Sep 2012 17:19:43 -0700

On Fri, Aug 03, 2012 at 01:10:39PM +0200, graou () free fr wrote:
> I'm having trouble with nmap v6.01 and Windows 7 x64.
> Let's say I want to do a TCP SYN scan of a host on a subnetwork
> (192.168.35.53:80).
> This host answers ping:
>
> ---------------------
> ping 192.168.35.53
>
> Envoi d'une requête 'Ping'  192.168.35.53 avec 32 octets de données :
> Réponse de 192.168.35.53 : octets=32 temps=2 ms TTL=61
> ---------------------
>
> This host is reachable via any browser.
> This host is also reachable via nmap TCP connect scan, when I disable host
> discovery:
>
> ---------------------
> nmap -sT 192.168.35.53  -p 80 -Pn
>
> Starting Nmap 6.01 ( http://nmap.org ) at 2012-08-03 10:35 Paris, Madrid (heure d'été)
> Nmap scan report for 192.168.35.53
> Host is up (0.020s latency).
> PORT   STATE SERVICE
> 80/tcp open  http
>
> Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds
> ---------------------
>
> How come nmap maps route 0.0.0.0/0 to eth0 (which is down - see iflist)? How do
> I change this to eth1?

Thanks for this report. I think the problem you described is fixed in
r29889 and will be fixed in the next release.

http://seclists.org/nmap-dev/2012/q3/1037

You may also be experiencing an unrelated issue, which is that the
source address you are using is not one actually in use by one of your
interfaces, so reply packets may not get routed to you.

David Fifield
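
The two conditions raised in this thread (a route that resolves to an interface that is down, and a source address not in use by any interface) can be checked from `nmap --iflist` output. The following is an added example, not part of the original messages or of Nmap itself; the sample table is constructed, and `parse_iflist`, `route_for` and `diagnose` are hypothetical helper names.

```python
import ipaddress

# Constructed sample in the two-table layout of `nmap --iflist`;
# devices and addresses are illustrative, not taken from the thread.
SAMPLE = """\
************************INTERFACES************************
DEV  (SHORT) IP/MASK         TYPE     UP   MTU  MAC
eth0 (eth0)  10.0.0.5/24     ethernet down 1500 00:11:22:33:44:55
eth1 (eth1)  192.168.1.10/24 ethernet up   1500 00:11:22:33:44:66

**************************ROUTES**************************
DST/MASK       DEV  GATEWAY
192.168.1.0/24 eth1
0.0.0.0/0      eth0 192.168.1.1
"""

def parse_iflist(text):
    """Return ({dev: (ip_interface, is_up)}, [(network, dev), ...])."""
    ifaces, routes, section = {}, [], None
    for line in text.splitlines():
        if "INTERFACES" in line or "ROUTES" in line:
            section = "if" if "INTERFACES" in line else "rt"
            continue
        f = line.split()
        if not f or f[0] in ("DEV", "DST/MASK"):
            continue  # blank line or column header
        if section == "if" and len(f) >= 5:
            ifaces[f[0]] = (ipaddress.ip_interface(f[2]), f[4] == "up")
        elif section == "rt" and len(f) >= 2:
            routes.append((ipaddress.ip_network(f[0], strict=False), f[1]))
    return ifaces, routes

def route_for(dst, routes):
    """Longest-prefix match over the parsed routes (assumed selection rule)."""
    hits = [r for r in routes if ipaddress.ip_address(dst) in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen, default=None)

def diagnose(dst, src, text):
    """List reasons a raw-packet scan of dst (optionally from src) may fail."""
    ifaces, routes = parse_iflist(text)
    problems, hit = [], route_for(dst, routes)
    if hit is None:
        problems.append(f"no route to {dst}")
    elif not ifaces.get(hit[1], (None, False))[1]:
        problems.append(f"route {hit[0]} uses down interface {hit[1]}")
    if src and ipaddress.ip_address(src) not in {i.ip for i, _ in ifaces.values()}:
        problems.append(f"source {src} is not assigned to any interface")
    return problems
```

With the constructed table, `diagnose("192.168.35.53", None, SAMPLE)` reports that the default route uses the down interface `eth0`, which is the symptom described in the quoted report.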