[Recap] win32 - failed to determine dst mac address for target

[kx <kxmail () gmail com>]

Louie and I looked into this, and it appears that at one point, all of
his hosts were configured for two default gateways for an experiment
with fault-tolerant internet access.  Let's say these gateways were .1
and .2. .2 is now the default, but .1 no longer exists.

In the host that worked, nmap had the .2 then the .1 in it's route
table, tried .2 first and succeeded.

In the two that failed, nmap had the .1 first, then the .2 in the
route table, tried .1 and failed to find the ethernet address for .1
via ARP, as it doesn't exist.

To date, all of the win32 "failed to determine dst mac address for
target" errors seem to occur when a default gateway is missing or
misconfigured, or when an non-ethernet adapter is used.

Maybe we could add something like:
"failed to determine dst mac address for target gateway: %ip_address_of_gw"
"Check your routing table for target: %ip_address"

Thanks again to Louie for sending me the needed outputs.

Cheers,
  kx

On 3/14/06, Louie Jagoe <jagoe () stnoble com> wrote:
> Hiya,
>
> I have the perfect test environment for helping to troubleshoot this
> "failed to determine dst mac address for target" problem. There seem to
> be a number of people (guaged by googling) having this problem (and I'm
> one of them) so I'd like to help solving it. (Just for the record, I
> have researched this problem in forums, newsgroups and on the web so I
> don't believe I'm overlooking the obvious or re-inventing the wheel.)
>
> Basically I have three machines in the test bed, one of which works
> perfectly:
>
>        machine #1 - Toshiba Tecra 9100, winxp pro, sp2, fully patched
>
>        machine #2 - Dell Dimension 8400, winxp pro, sp2, fully patched
>
>        machine #3 - (old) Dell Precision workstation, win2k, sp4, fully
> patched
>
>
> All machines have winpcap 3.1 and the microsoft network monitor driver
> installed. They all have no trouble running snort. The nmap distros on
> these machines are all downloaded w32 binaries.
>
> Machine #1 works fine with nmap-3.81, nmap-3.93, nmap-4.01 and
> nmap-4.02Alpha2.
>
> Machine #2 (same os and patch set as machine #1) with nmap-4.01 gives
> the dreaded "failed to determine dst mac address for target" only when
> trying to scan hosts outside of its network segment (i.e. layer 2 across
> a router). In other words, nmap works fine on the home lan.
>
> Machine #3 (different os altogether) with nmap-4.01 gives exactly the
> same behaviour as machine #2
>
> Preliminary comparison of registry settings yielded nothing useful. The
> windows xp firewall has also been ruled out. So from where I sit I have
> the perfect lab environment for patch testing. I don't have the time to
> roll up my sleeves and get into the source (it would take me a month
> just to get up to speed again on vc++ and tcp/ip programming). But I can
> offer my services on a sys/network admin level and try out patches or
> config suggestions.
>
> I wasn't sure that the nmap dev list was such a good starting point,
> thus the reason for this email.
>
> Please advise,
>
> Louie
>
> =====================================================
> Louis Jagoe, Director
> St. Noble Company                 Geneva's IT Experts
> Geneva, Switzerland            http://www.stnoble.com
> =====================================================
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev