Re: Nmap 4.20 on Mac OS X

[Hayden Stainsby <hds () caffeineconcepts com>]

On 6 Nov 2006, at 21:37, Fyodor wrote:

> On Mon, Nov 06, 2006 at 05:28:51PM +0100, Christophe Thil wrote:
> > I just tried running the latest Nmpa Alpha on Mac OS X/PPC. Sadly,
> > all interesing scans (-sS for example) and OS Discovery don't work.
> > Only the connect() scan returns a result.
> >
> > Nmap claims the host to be down; forcing with -P0 overrides this and
> > Nmap generates probe packets, but the responses aren't processed.
>
> Thanks for the report.  I don't have a MAC, but Nmap developer Diam
> Todorov was able to reproduce the problem on his PPC Mac.  And his
> friend apparently had similar problems on X86 MAC.  I'm surprised we
> haven't heard about this before.  Doing a binary search on Nmap
> revisions, we found that the problem seemed to first appear in
> 4.20ALPHA5.  Libpcap was upgraded from 0.9.3 to 0.9.4, but that looks
> like a red herring since Nmap seems to use OS X's system libpcap
> instead for both versions.  We reproduced your result that Nmap was
> sending the pakcets properly, but wasn't seeing the responses.
>
> ALPHA5 has a few changes which could conceivably
> have caused this.  These seem to be the most likely ones:
>
> o Nmap now uses the (relatively) new libpcap pcap_get_selectable_fd
>   API on systems which support it.  This means that we no longer need
>   to hack the included Pcap to better support Linux.  So Nmap will now
>   link with an existing system libpcap by default on that platform if
>   one is detected.  Thanks to Doug Hoyte for the patch.
>
> o Nmap now supports IP options with the new --ip-options flag.  You
>   can specify any options in hex, or use "R" (record route), "T"
>   (record timestamp), "U") (record route & timestamp), "S [route]"
>   (strict source route), or "L [route]" (loose source route).  Specify
>   --packet-trace to display IP options of responses.  For further
>   information and examples, see http://insecure.org/nmap/man/ and
>   http://seclists.org/nmap-dev/2006/q3/0052.html .  Thanks to Marek
>   Majkowski for writing and sending the patch.
>
> o Applied a bunch of small internal cleanup patches by Kris Katterjohn
>   (kjak(a)ispwest.com).
>
> Is anyone with a MAC able to investigate this further?  Diman had to
> go because it is getting pretty late in Austria.  Nmap alpha4
> (working) and alpha5 (broken) can be found at
> http://insecure.org/nmap/dist/?C=M&O=D .
>
> Thanks,
> Fyodor

I'm probably not much help actually solving the problem, but I'm more  
than happy to pass along process trace files if they're of any use  
(PPC/Intel). Just yell.

--
Hayden

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org