Re: Problem running nmap

[Fyodor <fyodor () insecure org>]

On Sat, Sep 30, 2006 at 02:23:42PM +0100, DIGANTA DE. wrote:
> Hi, 
>     I am having problem running nmap (4.11 Win). I run it over WinXP SP2 and after running it I see the following 
> error:: 
>
> D:\Program Files\Nmap>nmap  -sP www.hackology.com
>
> Starting Nmap 4.11 ( http://www.insecure.org/nmap ) at 2006-09-30 18:46 India St
> andard Time
> pcap_open_live(ppp0, 104, 0, 20) FAILED. Reported error: Error opening adapter:
> The system cannot find the device specified. (20).  Will wait 5 seconds then ret

Thanks for the report.  Nmap cannot do a raw-packet ping scan on
PPP/PPPoE interfaces.  However, Nmap already has a workaround for this
when dealing with unprivileged users on UNIX.  In that case, Nmap
emulates the behavior using the connect() call.  Unfortunately, that
code assumes that the privilege status won't change during Nmap
execution.  But in your case on Windows, you have the proper
privileges to do a raw ARP or SYN ping scan against your LAN, but
cannot deal with it against targets which route through your PPP
interface.

For the next version of Nmap (due out this weekend), I'll add an
--unprivileged option and change the pcap_open_live error to reference
it.  That way you can do "nmap -sP --unprivileged www.hackology.com"
and Nmap will use the connect() workaround and should work fine.

A better approach is to have Nmap decide on a case by case basis which
targets it can handle raw, and which ones it needs to use the
workaround for.  But I don't have time to code that right now,
especially since I'm likely to integrate the ping scanning code into
ultra_scan() in the next 6 months anyway.  Of course if anyone else is
motivated enough to produce a better fix, they are most welcome to.

Cheers,
Fyodor

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org