Nmap Development mailing list archives
Re: Wild TTL value
From: David Fifield <david () bamsoftware com>
Date: Wed, 1 May 2013 11:01:48 -0700
On Wed, May 01, 2013 at 04:46:52PM +0200, Gisle Vanem wrote:
There seems to be a problem with how libnetutil/netutil.cc is setting the IP-TTL value on sockets; from nmap on Win32 linked with a WinSock tracing lib: * libnetutil/netutil.cc(871) (set_ttl+34): setsockopt (1780, IPPROTO_IP, IP_TTL, ULONG_MAX, 4) --> WSAEINVAL: Invalid arguments (10022). I mean, why set TTL to such a high value? The IP-TTL field is only 8 bits. No wonder Winsock complains. I know about the "nmap --ttl" option but IMHO the default should be bounded to 255 max like this: --- SVN-Latest\libnetutil\netutil.cc Thu Apr 25 10:06:07 2013 +++ libnetutil\netutil.cc Wed May 01 16:41:30 2013 @@ -868,6 +868,7 @@ if (sd == -1) return; + ttl = max (min(ttl, 255), 255); setsockopt(sd, IPPROTO_IP, IP_TTL, (const char *) &ttl, sizeof ttl); #endif } --------- Or better, the caller of set_ttl() should fix it. It is obviously passing a ttl of '-1'.
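Review bot: in the added line `ttl = max (min(ttl, 255), 255);` the outer max() uses 255 as its lower bound, so the expression evaluates to 255 for every input and would also overwrite a smaller TTL the caller asked for, such as one given with --ttl. If the aim is to bound the value to the 8-bit field, the lower bound should be the bottom of the valid range rather than 255, and the -1 default is better handled on its own (for example by not calling setsockopt at all) than folded into the clamp. The setsockopt return value is also left unchecked in this hunk, so a failure like the WSAEINVAL in the trace stays silent.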
It looks like there is only one caller, and it's using the default value of -1 for o.ttl. Please try this patch. What I need you to check is that it has the same behavior as before on platforms like Linux that don't give an error for -1. That is, perhaps existing behavior on Linux is to set the TTL to 255 when IP_TTL is set like this, and if that's true, perhaps we should try to keep the behavior.
David Fifield
Attachment: set_ttl-opt.patch
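A probe for the check requested in the message above, as an added example that is not part of the original message or of Nmap's code: on a POSIX platform such as Linux it passes -1 straight to IP_TTL and reads the effective value back with getsockopt, next to a guarded setter that skips the call when no TTL was requested. The names TTL_UNSET, get_ttl, set_ttl_checked and probe_raw_minus_one are assumptions made for this illustration.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

#define TTL_UNSET (-1) /* assumed sentinel: the caller's default when no TTL was requested */

/* Read back the TTL the stack reports for this socket, or -1 on error. */
int get_ttl(int sd) {
  int ttl = 0;
  socklen_t len = sizeof ttl;
  if (getsockopt(sd, IPPROTO_IP, IP_TTL, &ttl, &len) != 0) return -1;
  return ttl;
}

/* Guarded setter: 0 = left at OS default, 1 = set, -1 = rejected or failed. */
int set_ttl_checked(int sd, int ttl) {
  if (sd == -1) return -1;
  if (ttl == TTL_UNSET) return 0; /* no setsockopt call at all */
  if (ttl < 0 || ttl > 255) { errno = EINVAL; return -1; } /* TTL field is 8 bits */
  if (setsockopt(sd, IPPROTO_IP, IP_TTL, &ttl, sizeof ttl) != 0) return -1;
  return 1;
}

/* Pass -1 to setsockopt unguarded, as in the traced call, and report the
 * platform's answer: the effective TTL, or -1 if the call was refused. */
int probe_raw_minus_one(int sd) {
  int ttl = -1;
  if (setsockopt(sd, IPPROTO_IP, IP_TTL, &ttl, sizeof ttl) != 0) return -1;
  return get_ttl(sd);
}

int main(void) {
  int sd = socket(AF_INET, SOCK_DGRAM, 0);
  if (sd == -1) { perror("socket"); return 1; }
  printf("OS default TTL:           %d\n", get_ttl(sd));
  printf("after raw setsockopt(-1): %d\n", probe_raw_minus_one(sd));
  int rc = set_ttl_checked(sd, TTL_UNSET);
  printf("checked(unset): rc=%d ttl=%d\n", rc, get_ttl(sd));
  rc = set_ttl_checked(sd, 300); /* constructed out-of-range input */
  printf("checked(300):   rc=%d ttl=%d\n", rc, get_ttl(sd));
  rc = set_ttl_checked(sd, 64);
  printf("checked(64):    rc=%d ttl=%d\n", rc, get_ttl(sd));
  close(sd);
  return 0;
}
```

Comparing the first two printed lines on a given platform shows whether an unguarded -1 is refused, mapped to the default, or turned into some other value.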