Nmap Development mailing list archives
icmpprotohack question
From: "Eddie Bell" <ejlbell () gmail com>
Date: Wed, 14 Jun 2006 14:24:25 +0200
In scan_engine.cc at the bottom of get_pcap_results() there a block of code, used in protocol scans, that seems to set icmp as open if nmap receives any icmp packet. I set up a firewall rule to drop all ICMP packets but nmap still says icmp is open because it receives protocol unreachable messages. Should the code not test the type of icmp message to determine if icmp is open or closed? Surely receiving a protocol unreachable message for icmp should automatically negate icmp from being open Have I missed something or does this seem wrong? - eddie _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- icmpprotohack question Eddie Bell (Jun 14)
- Re: icmpprotohack question Fyodor (Jun 25)