Nmap Development mailing list archives

Re: [nmap] set source port in unprivileged mode


From: Fyodor <fyodor () nmap org>
Date: Fri, 9 Jan 2015 01:32:59 -0800

On Fri, Jan 2, 2015 at 6:47 PM, Simone Chiarelli <simchi88 () gmail com> wrote:

It’s possible to set the source port in tcp/connect scan mode even while
unprivileged (for ports higher than 1023).
Would it be feasible to add such a feature to nmap?


Hi Simone.  Thanks for the suggestion.  Right now our connect() scan
doesn't support setting the source port (-g) at all--either with privileges
or without.  We would certainly consider such a feature if someone wrote a
patch and it worked well.  However, I'm worried that problems might crop up
with retransmissions and also the case where we do a TCP connect() ping to
the host followed by a port scan against the same port.  Some systems might
not let us create a repeat connection with the same 4-tuple (src and dest
host and ports) so quickly due to wait states or other issues.  I haven't
really tested it or thought about it much though.  It would need to be
tested on at least Linux, Windows, and Mac.

I think the vast majority of people who would want to use -g have root
privileges and are using SYN scan for their TCP scanning.  So we haven't
seen a lot of demand for adding this support to connect scan.  But like I
said, we'd definitely consider a patch if someone wants the feature enough
to write and test it.

Cheers,
Fyodor
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
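
The repeat-connection concern raised in the reply above can be observed on loopback with the sketch below. It is an added example, not Nmap code and not from either poster. The helper names (`free_port`, `connect_from`, `repeat_probe`) and the loopback listener are assumptions, and the status of the second attempt depends on the operating system, so the code reports what it observes.

```python
import errno
import socket

def free_port():
    # Ask the kernel for an unused unprivileged port (assumption: it stays free).
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

def connect_from(src_port, dest, reuse):
    """connect() to dest from a fixed source port; return (socket or None, status)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(3)
    try:
        if reuse:
            s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        s.bind(("127.0.0.1", src_port))  # fixed source port on a connect() socket
        s.connect(dest)
        return s, "connected"
    except OSError as e:
        s.close()
        return None, errno.errorcode.get(e.errno, str(e))

def repeat_probe(reuse):
    """Open, close, then immediately repeat a connection with the same 4-tuple."""
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))
        listener.listen(4)
        dest = listener.getsockname()
        src_port = free_port()
        first, status1 = connect_from(src_port, dest, reuse)
        seen = None
        if first:
            seen = first.getsockname()[1]
            peer, _ = listener.accept()
            first.close()   # client closes first, so its side holds the wait state
            peer.recv(1)    # returns once the client's FIN has arrived
            peer.close()
        second, status2 = connect_from(src_port, dest, reuse)
        if second:
            second.close()
        return {"src_port": src_port, "seen": seen, "first": status1, "repeat": status2}

if __name__ == "__main__":
    for reuse in (False, True):
        print("SO_REUSEADDR" if reuse else "default", repeat_probe(reuse))
```

The `repeat` field is either `connected` or the errno name returned by `bind()` or `connect()` on the second attempt, which is the per-platform result the reply says would need testing.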
