Nmap Development mailing list archives

RE: NMAP Windows Help !!!!

From: "Kasey Regan" <kregan () trctac com>
Date: Tue, 31 Aug 2004 12:49:55 -0500
THANKS!!!!  That fixed it!

-----Original Message-----
From: Hytham Abu-Safieh [mailto:hythama () softcom biz] 
Sent: Tuesday, August 31, 2004 12:30 PM
To: Kasey Regan; nmap-dev () insecure org
Subject: RE: NMAP Windows Help !!!!

Upgrading to winpcap 3.1 beta 3 solved the problem you described below
on my winxp pro system.

-H

-----Original Message-----
From: Kasey Regan [mailto:kregan () trctac com] 
Sent: Tuesday, August 31, 2004 1:26 PM
To: nmap-dev () insecure org
Subject: NMAP Windows Help !!!!

HELP!! Any ideas sincerely appreciated!!! 

FYI. I am brand new to this list, so forgive me if this question is
redundant.  

For a long time, I successfully used nmap_1.3.1. with winpcap on an
WinXP pro laptop.  One sad day, I went to scan a network, and NMAP just
could not find any nodes, even with just a simple ping scan.

Knowing I was past due to upgrade, deleted the old winpcap and NMAP, and
installed winpcap_3_0 and nmap-3.55-SP2-win32.  Still no luck.  When I
manually ping and then scan a test workstation on my network, here is
the result:


C:\Documents and Settings\nmap355>ping 192.168.0.101

Pinging 192.168.0.101 with 32 bytes of data:

Reply from 192.168.0.101: bytes=32 time<1ms TTL=128
Reply from 192.168.0.101: bytes=32 time<1ms TTL=128
Reply from 192.168.0.101: bytes=32 time<1ms TTL=128
Reply from 192.168.0.101: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.0.101:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

OK that worked, so.

C:\Documents and Settings\nmap355>nmap -sP 192.168.0.101

Starting nmap 3.55-SP2 ( http://www.insecure.org/nmap ) at 2004-08-31
12:01 Cent
ral Standard Time
Note: Host seems down. If it is really up, but blocking our ping probes,
try -P0

Nmap run completed -- 1 IP address (0 hosts up) scanned in 12.048
seconds

C:\Documents and Settings\nmap355>


With a sniffer on the same PC running NMAP, I can see both the ICMP echo
and TCP 80 Resets sent and the corresponding replies being returned from
192.168.0.1.

Here are some of the things I have tried:

1) I double-checked that winpcap was activated by launching msinfo32 and
verifying that the NPF driver was running.

2) I disabled all drivers (except TCP/IP) associated with the NIC

3) I tried a different NIC (my wireless card which worked is the past) 

4) I verified that no firewall, VPN, or antivirus software was activated

5) I tried shutting off all services that I thought may be relative.

6) Gave up and subscribed to this mailing list where higher forms of
intelligence are bound to exist.  HELP!!!

Thanks in advance for any tips!

Kasey Regan
Technology Resources Company










---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:

NMAP Windows Help !!!! Kasey Regan (Aug 31)
- <Possible follow-ups>
- RE: NMAP Windows Help !!!! Hytham Abu-Safieh (Aug 31)
  - RE: NMAP Windows Help !!!! Kasey Regan (Aug 31)