Nmap Announce mailing list archives
nmap for windows fix
From: "Andy Lutomirski" <AMLuto () hotmail com>
Date: Thu, 25 Oct 2001 22:36:06 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you are using the Windows version of Nmap, and you have win2k or
winxp, you are probably experiencing slow scans in some cases. Here's a
quick patch that hopefully fixes it :)

In tcpip.c, replace:

    int flt_icmptcp_2port(const char *packet, int len)
    {
        struct ip* ip = (struct ip*)packet;
        if(ip->ip_dst.s_addr != flt_dsthost) return 0;
        if(ip->ip_p == IPPROTO_ICMP) return 1;
        if(ip->ip_src.s_addr != flt_srchost) return 0;
        if(ip->ip_p == IPPROTO_TCP)
        {
            struct tcphdr* tcp = (struct tcphdr *) (((char *) ip) + 4 * ip->ip_hl);
            if(len < 4 * ip->ip_hl + 4) return 0;
            if(tcp->th_dport == flt_baseport || tcp->th_dport == flt_baseport + 1)
                return 1;
        }
        return 0;
    }

with:

    int flt_icmptcp_2port(const char *packet, int len)
    {
        unsigned short dport;
        struct ip* ip = (struct ip*)packet;
        if(ip->ip_dst.s_addr != flt_dsthost) return 0;
        if(ip->ip_p == IPPROTO_ICMP) return 1;
        if(ip->ip_src.s_addr != flt_srchost) return 0;
        if(ip->ip_p == IPPROTO_TCP)
        {
            struct tcphdr* tcp = (struct tcphdr *) (((char *) ip) + 4 * ip->ip_hl);
            /* need the IP header plus the 4 bytes holding both TCP ports */
            if(len < 4 * ip->ip_hl + 4) return 0;
            /* th_dport is in network byte order; convert before comparing */
            dport = ntohs(tcp->th_dport);
            if(dport == flt_baseport || dport == flt_baseport + 1)
                return 1;
        }
        return 0;
    }

Also, in the spirit of killing possible old bugs, please tell me if you
are having particularly good or bad experiences with fingerprinting on
Windows. Send in the output with --win_trace -d.

Thanks,
Andy

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO9j2PzF1mpyDznXTEQLr7wCfeA5pl0LNwc6JhENwbFpoXTLU8uAAniD+
swqh4kUbf+Cca1iUTSIOuWPN
=tu+p
-----END PGP SIGNATURE-----
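The byte-order mismatch this patch corrects, reproduced on a constructed packet. This is an added example, not part of the original message and not Nmap's code; the function names, the sample bytes and port 40000 are assumptions, and the base port is assumed to be held in host byte order, as the patched comparison implies.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: IPv4 header (IHL 5, protocol 6 = TCP) plus the first
 * four TCP bytes: source port 80, destination port 40000 (0x9C40). */
static const unsigned char sample_pkt[24] = {
    0x45, 0x00, 0x00, 0x28, 0x00, 0x00, 0x00, 0x00, 0x40, 0x06, 0x00, 0x00,
    192, 0, 2, 1,  192, 0, 2, 2,      /* source / destination addresses */
    0x00, 0x50, 0x9C, 0x40            /* TCP ports, network byte order */
};

/* Copy out the TCP destination port exactly as it sits on the wire.
 * Returns 0 on success, -1 if the packet is short or not IPv4/TCP. */
static int wire_dport(const unsigned char *pkt, size_t len, uint16_t *out)
{
    size_t ihl;
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    ihl = (size_t)(pkt[0] & 0x0F) * 4;
    if (ihl < 20 || len < ihl + 4 || pkt[9] != 6) return -1;
    memcpy(out, pkt + ihl + 2, sizeof *out);   /* no unaligned read */
    return 0;
}

/* Pre-patch comparison: wire-order value against a host-order base port. */
int match_without_ntohs(const unsigned char *pkt, size_t len, uint16_t baseport)
{
    uint16_t raw;
    if (wire_dport(pkt, len, &raw) != 0) return 0;
    return raw == baseport || raw == baseport + 1;
}

/* Post-patch comparison: convert to host order first. */
int match_with_ntohs(const unsigned char *pkt, size_t len, uint16_t baseport)
{
    uint16_t raw;
    if (wire_dport(pkt, len, &raw) != 0) return 0;
    raw = ntohs(raw);
    return raw == baseport || raw == baseport + 1;
}

int main(void)
{
    printf("without ntohs: %d\n", match_without_ntohs(sample_pkt, sizeof sample_pkt, 40000));
    printf("with ntohs:    %d\n", match_with_ntohs(sample_pkt, sizeof sample_pkt, 40000));
    return 0;
}
```

On a little-endian host the unconverted comparison reads 0x9C40 as 0x409C (16540), so the filter rejects a reply that is addressed to the base port.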