Nmap Development mailing list archives
Re: Nmap 4.20 on Mac OS X
From: Hayden Stainsby <hds () caffeineconcepts com>
Date: Mon, 6 Nov 2006 22:19:42 +0000
On 6 Nov 2006, at 21:37, Fyodor wrote:
On Mon, Nov 06, 2006 at 05:28:51PM +0100, Christophe Thil wrote:I just tried running the latest Nmpa Alpha on Mac OS X/PPC. Sadly, all interesing scans (-sS for example) and OS Discovery don't work. Only the connect() scan returns a result. Nmap claims the host to be down; forcing with -P0 overrides this and Nmap generates probe packets, but the responses aren't processed.Thanks for the report. I don't have a MAC, but Nmap developer Diam Todorov was able to reproduce the problem on his PPC Mac. And his friend apparently had similar problems on X86 MAC. I'm surprised we haven't heard about this before. Doing a binary search on Nmap revisions, we found that the problem seemed to first appear in 4.20ALPHA5. Libpcap was upgraded from 0.9.3 to 0.9.4, but that looks like a red herring since Nmap seems to use OS X's system libpcap instead for both versions. We reproduced your result that Nmap was sending the pakcets properly, but wasn't seeing the responses. ALPHA5 has a few changes which could conceivably have caused this. These seem to be the most likely ones: o Nmap now uses the (relatively) new libpcap pcap_get_selectable_fd API on systems which support it. This means that we no longer need to hack the included Pcap to better support Linux. So Nmap will now link with an existing system libpcap by default on that platform if one is detected. Thanks to Doug Hoyte for the patch. o Nmap now supports IP options with the new --ip-options flag. You can specify any options in hex, or use "R" (record route), "T" (record timestamp), "U") (record route & timestamp), "S [route]" (strict source route), or "L [route]" (loose source route). Specify --packet-trace to display IP options of responses. For further information and examples, see http://insecure.org/nmap/man/ and http://seclists.org/nmap-dev/2006/q3/0052.html . Thanks to Marek Majkowski for writing and sending the patch. o Applied a bunch of small internal cleanup patches by Kris Katterjohn (kjak(a)ispwest.com). Is anyone with a MAC able to investigate this further? Diman had to go because it is getting pretty late in Austria. Nmap alpha4 (working) and alpha5 (broken) can be found at http://insecure.org/nmap/dist/?C=M&O=D . Thanks, Fyodor
I'm probably not much help actually solving the problem, but I'm more than happy to pass along process trace files if they're of any use (PPC/Intel). Just yell. -- Hayden _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap 4.20 on Mac OS X Christophe Thil (Nov 06)
- Re: Nmap 4.20 on Mac OS X Fyodor (Nov 06)
- Re: Nmap 4.20 on Mac OS X Hayden Stainsby (Nov 06)
- Re: Nmap 4.20 on Mac OS X Kurt Grutzmacher (Nov 06)
- Re: Nmap 4.20 on Mac OS X Kurt Grutzmacher (Nov 06)
- Re: Nmap 4.20 on Mac OS X Fyodor (Nov 06)
- Re: Nmap 4.20 on Mac OS X Kurt Grutzmacher (Nov 06)
- Re: Nmap 4.20 on Mac OS X doug (Nov 07)
- Re: Nmap 4.20 on Mac OS X Fyodor (Nov 19)
- Re: Nmap 4.20 on Mac OS X Hayden Stainsby (Nov 06)
- Re: Nmap 4.20 on Mac OS X Fyodor (Nov 06)
- <Possible follow-ups>
- Re: Nmap 4.20 on Mac OS X Christophe Thil (Nov 19)