Re: Nmap under OpenVZ venet?

[David Fifield <david () bamsoftware com>]

On Wed, Mar 06, 2013 at 09:11:55AM +0400, NStorm wrote:
> Long version:
>
> I've read a bits regarding the issues with venet devices on list archives 
> (http://seclists.org/nmap-dev/2012/q2/808).
> Seems like there is no solution yet. I've tried this myself and got 
> interesting results. Seems like if I run it from normal user it works fine:
> $ nmap -A -v host.domain
>
> Starting Nmap 6.25 ( http://nmap.org ) at 2013-03-06 07:28 MSK
> NSE: Loaded 106 scripts for scanning.
> NSE: Script Pre-scanning.
> Initiating Ping Scan at 07:28
> Scanning host.domain (X.X.X.X) [2 ports]
> Completed Ping Scan at 07:28, 1.36s elapsed (1 total hosts)
> Initiating Parallel DNS resolution of 1 host. at 07:28
> Completed Parallel DNS resolution of 1 host. at 07:28, 0.05s elapsed
> Initiating Connect Scan at 07:28
> Scanning host.domain (X.X.X.X) [1000 ports]
> Discovered open port 53/tcp on ...
>
> And scan completes as normal.
> But if I try to run the same thing, from same host just under root priveledges 
> (either from sudo or directly from shell) it seems to go weird:
>
> Initiating ARP Ping Scan at 07:27
> Scanning host.domain (X.X.X.X) [1 port]
> Completed ARP Ping Scan at 07:27, 0.42s elapsed (1 total hosts)
> Nmap scan report for host.domain (X.X.X.X) [host down]

Can you send me your
        nmap --route-dst X.X.X.X
        nmap --iflist
(As root.)

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/