Nmap Development mailing list archives
Re: -P0 still attempts ARP scan
From: William MacKay <foobaz () gmail com>
Date: Tue, 13 Sep 2005 12:41:38 -0400
On Sep 13, 2005, at 12:24 PM, Arturo 'Buanzo' Busleiman wrote:
William MacKay wrote:I have looked through the source, but i can't figure out why Nmap is doing an ARP ping scan when i give it -P0. Is this a bug? I'm pasting a log to demonstrate the problem. The -p80 option isn't necessary, but makes the log a lot shorter:It seems it is default behaviour when the destination IP is in the range of one of your nics.
This is bad, because --spoof_mac seems to screw up the ARP ping scan, so it refuses to scan even with -P0. Here's another log demonstrating that: 12:40 foobaz@port200:~]% sudo nmap -P0 --spoof_mac 0 10.171.32.1 Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2005-09-13 12:40 EDT Spoofing MAC address 79:00:33:90:0F:54 (No registered vendor) Note: Host seems down. If it is really up, but blocking our ping probes, try -P0 Nmap finished: 1 IP address (0 hosts up) scanned in 0.641 seconds 12:40 foobaz@port200:~]% _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- -P0 still attempts ARP scan William MacKay (Sep 13)
- Re: -P0 still attempts ARP scan Arturo 'Buanzo' Busleiman (Sep 13)
- Re: -P0 still attempts ARP scan William MacKay (Sep 13)
- Re: -P0 still attempts ARP scan Fyodor (Sep 13)
- Re: -P0 still attempts ARP scan William MacKay (Sep 13)
- Re: -P0 still attempts ARP scan William MacKay (Sep 13)
- Re: -P0 still attempts ARP scan Arturo 'Buanzo' Busleiman (Sep 13)
- Re: -P0 still attempts ARP scan Fyodor (Sep 13)