Nmap Development mailing list archives

nping sets SYN flag by default even when --flags is 0x00

From: Yi Li <lovelylich () gmail com>
Date: Wed, 09 Jan 2013 12:21:00 +0800

Hi list,

the nping tool in the newest nmap, version 6.25, will set SYN flags intcp by default, and event if I

use --flags 0x00 or NONE, and other options such as --flags RST.
for example:

/home/lich/work/kernel/networking/tcp/tcp_ctrlflags >sudo nping --tcp -p9999 --flags 0xF0 www.google.com


Starting Nping 0.6.01 ( http://nmap.org/nping ) at 2013-01-09 12:04 CST

SENT (0.0274s) TCP 10.66.13.212:20323 > 173.194.43.17:9999 SAUEC ttl=64id=24387 iplen=40 seq=3407091842 win=1480RCVD (0.0278s) TCP 173.194.43.17:9999 > 10.66.13.212:20323 RA ttl=253id=49249 iplen=40 seq=956434501 win=1480SENT (1.0280s) TCP 10.66.13.212:20323 > 173.194.43.17:9999 SAUEC ttl=64id=24387 iplen=40 seq=3407091842 win=1480RCVD (1.0285s) TCP 173.194.43.17:9999 > 10.66.13.212:20323 RA ttl=253id=48426 iplen=40 seq=956434501 win=1480SENT (2.0297s) TCP 10.66.13.212:20323 > 173.194.43.17:9999 SAUEC ttl=64id=24387 iplen=40 seq=3407091842 win=1480RCVD (2.0302s) TCP 173.194.43.17:9999 > 10.66.13.212:20323 RA ttl=253id=45189 iplen=40 seq=956434501 win=1480SENT (3.0314s) TCP 10.66.13.212:20323 > 173.194.43.17:9999 SAUEC ttl=64id=24387 iplen=40 seq=3407091842 win=1480RCVD (3.0318s) TCP 173.194.43.17:9999 > 10.66.13.212:20323 RA ttl=253id=57615 iplen=40 seq=956434501 win=1480SENT (4.0330s) TCP 10.66.13.212:20323 > 173.194.43.17:9999 SAUEC ttl=64id=24387 iplen=40 seq=3407091842 win=1480RCVD (4.0334s) TCP 173.194.43.17:9999 > 10.66.13.212:20323 RA ttl=253id=52342 iplen=40 seq=956434501 win=1480


Max rtt: 0.373ms | Min rtt: 0.315ms | Avg rtt: 0.352ms
Raw packets sent: 5 (200B) | Rcvd: 5 (230B) | Lost: 0 (0.00%)
Tx time: 4.00681s | Tx bytes/s: 49.91 | Tx pkts/s: 1.25
Rx time: 5.00824s | Rx bytes/s: 45.92 | Rx pkts/s: 1.00
Nping done: 1 IP address pinged in 5.06 seconds
/home/lich/work/kernel/networking/tcp/tcp_ctrlflags >

and in a older version 5.51, there will be no flag bit set when I use--flags 0x00.


So, do you already have a patch fixed this which had I  missed ?
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

nping sets SYN flag by default even when --flags is 0x00 Yi Li (Jan 08)
- Re: nping sets SYN flag by default even when --flags is 0x00 Luis MartinGarcia. (Jan 09)