Nmap Development mailing list archives
Bug in Nping 0.6.47? (Linux Mint 17.1, kernel version: 3.13.0-37)
From: Nenad Ivkovic <nivkovic () gmail com>
Date: Sun, 22 Mar 2015 00:30:15 +0000
Hi! I think I found odd behaviour that could be bug in nping. Output of this command is as expected, remote port 2222 is closed and remote host sends back tcp packets with RA flags set sudo nping --tcp -g 44163 -p 2222 -c 1 echo.nmap.org *>Starting Nping 0.6.47...* *>SENT (0.2391s) TCP X.X.X.X:44163 > 74.207.244.221:2222 <http://74.207.244.221:2222> S ttl=64 id=17067 iplen=40 seq=1570285564 win=1480 * *>RCVD (0.4494s) TCP 74.207.244.221:2222 <http://74.207.244.221:2222> > X.X.X.X:44163 RA ttl=55 id=0 iplen=40 seq=0 win=0* ... However, with nping in echo mode, same command returns different answer from remote echo server. Instead of expected RA flags, echo server sends back tcp packet with PA flags set (from port 9929!) sudo nping -ec "public" --tcp -g 44163 -p 2222 -c 1 echo.nmap.org *>Starting Nping 0.6.47...* *>SENT (1.2238s) TCP X.X.X.X:44163 > 74.207.244.221:2222 <http://74.207.244.221:2222> S ttl=64 id=18290 iplen=40 seq=3406718482 win=1480 * *>CAPT (1.3439s) TCP X.X.X.X:44163 > 74.207.244.221:2222 <http://74.207.244.221:2222> S ttl=54 id=18290 iplen=40 seq=3406718482 win=1480 * *>RCVD (1.4639s) TCP 74.207.244.221 <http://74.207.244.221>:9929 > X.X.X.X:44163 PA ttl=55 id=8008 iplen=164 seq=298421412 win=260 <nop,nop,timestamp 1645516914 11190368>* ... However, both of these commands behave as expected without -g option. sudo nping --tcp -p 2222 -c 1 echo.nmap.org Starting Nping 0.6.47... *>SENT (0.1436s) TCP X.X.X.X:16345 > 74.207.244.221:2222 <http://74.207.244.221:2222> S ttl=64 id=41314 iplen=40 seq=4082029530 win=1480 * *>RCVD (0.3539s) TCP 74.207.244.221:2222 <http://74.207.244.221:2222> > X.X.X.X:16345 RA ttl=55 id=0 iplen=40 seq=0 win=0* sudo nping -ec "public" --tcp -p 2222 -c 1 echo.nmap.org Starting Nping 0.6.47... *>SENT (1.3125s) TCP X.X.X.X:21521 > 74.207.244.221:2222 <http://74.207.244.221:2222> S ttl=64 id=18614 iplen=40 seq=3696733169 win=1480 * *>CAPT (1.4346s) TCP X.X.X.X:21521 > 74.207.244.221:2222 <http://74.207.244.221:2222> S ttl=54 id=18614 iplen=40 seq=3696733169 win=1480 * *>RCVD (1.5233s) TCP 74.207.244.221:2222 <http://74.207.244.221:2222> > X.X.X.X:21521 RA ttl=55 id=0 iplen=40 seq=0 win=0* Obviously, there seems to be some problem with -g option. Is this a bug in nping or some feature I don't quite understand? Greetings, Nenad
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Bug in Nping 0.6.47? (Linux Mint 17.1, kernel version: 3.13.0-37) Nenad Ivkovic (Mar 23)