Nmap Development mailing list archives
RE: nmap -P0 reboots Windows XP
From: "Sean Warnock" <swarnock () warnocksolutions com>
Date: Wed, 8 Mar 2006 07:35:47 -0800
Bryan wrote:
If you disable auto-reboot on error, do you get a blue screen or error message? Regards, Bryan On 3/7/06, Kris Katterjohn <kjak () ispwest com> wrote:I've been using nmap on Linux for several years, but I just tried
nmap for
the first time on Windows today. I installed WinPcap 3.1 and nmap 4.01 (self-installer). [I typed this story about the things I tried and the options used,
etc.,
but it got way too long so I'm just giving you the short version] After quite a bit of testing, I figured out that SOMETIMES when I hit
^C
while using the options -sS (I don't type it but it's the default) and -P0, Windows will reboot. I've tried it a lot with different scan types etc., but
it
hasn't happened yet when it wasn't -sS AND -P0. Using -sS without -P0 hasn't resulted in a reboot, and neither has -sX, -sA, etc. with or without -P0. It happens at different times, but most of the time it happens after
the
actual SYN scan starts (judging with -d). I'd say it reboots about 50% of the time after hitting ^C within 5
seconds
of nmap starting with those options. I'll answer any questions and try any suggestions you may have. It's Windows XP Home with Service Pack 2. Has anyone else experienced this? Thanks, Kris Katterjohn _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
I didn't know you could do that. I googled it, turned it off and got a BSOD: IRQL_NOT_LESS_OR_EQUAL So I googled that and saw that it sometimes comes up because of hardware failure. I installed some more RAM in that box last week, but haven't had any problems with it. It's a lesser used box that dual-boots Windows and Linux, but both have been used for normal things and have worked fine. I took the RAM out, tried nmap about 20 times and Windows didn't reboot at all. So the RAM was apparently the root of the problem, but winpcap/nmap was the thing that caused it. Now I'm off to see what I can do about this..... Thanks a lot, Kris Katterjohn OK, IRQL_NOT_LESS_OR_EQUAL on Windows is generally a driver fault. There should be two lines further down that mention what caused the kernel to halt. I normally just identify the file listed (ex. winpcap.sys) and start digging from there. You may find that it is the computers network card driver or like my example it may be winpcap that is crashing. Sean _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- nmap -P0 reboots Windows XP Kris Katterjohn (Mar 07)
- Re: nmap -P0 reboots Windows XP Bryan (Mar 07)
- Re: nmap -P0 reboots Windows XP Kris Katterjohn (Mar 07)
- Re: nmap -P0 reboots Windows XP Kris Katterjohn (Mar 07)
- Re: nmap -P0 reboots Windows XP Casey Williams (Mar 08)
- Re: nmap -P0 reboots Windows XP Loris Degioanni (Mar 08)
- Re: nmap -P0 reboots Windows XP Kris Katterjohn (Mar 08)
- Re: nmap -P0 reboots Windows XP Bryan (Mar 08)
- Re: nmap -P0 reboots Windows XP Casey Williams (Mar 08)
- Re: nmap -P0 reboots Windows XP Kris Katterjohn (Mar 07)
- Re: nmap -P0 reboots Windows XP Bryan (Mar 07)
- <Possible follow-ups>
- RE: nmap -P0 reboots Windows XP Mike C (Mar 08)
- RE: nmap -P0 reboots Windows XP Sean Warnock (Mar 08)
- RE: nmap -P0 reboots Windows XP Sean Warnock (Mar 08)
- Re: nmap -P0 reboots Windows XP Kris Katterjohn (Mar 08)