Nmap Development mailing list archives
Re: NMAP crash -- more
From: David Fifield <david () bamsoftware com>
Date: Thu, 13 Sep 2012 13:29:07 -0700
On Thu, Sep 13, 2012 at 05:23:39AM -0400, starlight.2012q3 () binnacle cx wrote:
Actually the -e eth4 -S 172.29.86.4 options may be related to the problem. At the point where the message WARNING: RST from 58.218.199.250 port 1 -- is this port really open? appears, 'nmap' switches from using the supplied -S 172.29.86.4 to using the interface and address associated with the normal default route 172.29.79.1 (per 'tcpdump').
I think this is unrelated to the problem of exceeding the socket limit. OS detection seems to ignore -S the same way it ignores -g and other options. See http://nmap.org/book/man-bypass-firewalls-ids.html. Ignoring -S is probably a bug. But I think you will see the same during OS detection against any host, not just this one that is exceeding the socket limit. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NMAP crash -- more starlight . 2012q3 (Sep 13)
- <Possible follow-ups>
- Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
- NMAP crash -- more starlight . 2012q3 (Sep 13)
- Re: NMAP crash -- more David Fifield (Sep 13)
- Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
- Re: NMAP crash -- more David Fifield (Sep 13)
- Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
- Re: NMAP crash -- more David Fifield (Sep 13)
- Re: NMAP crash -- more Fyodor (Sep 17)
- Re: NMAP crash -- more David Fifield (Sep 18)
- Re: NMAP crash -- more David Fifield (Sep 26)
- Re: NMAP crash -- more starlight . 2012q3 (Sep 26)
- Re: NMAP crash -- more David Fifield (Sep 26)