Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

nmap -sP doesn't really send ICMP packets?

From: "Burton Windle" <burtonwindle () gmail com>
Date: Tue, 6 Feb 2007 10:55:34 -0500
Hello. nmap 4.20, complied locally on a Debian Testing system running
Linux kernel 2.6.20.

When doing an nmap -sP (to scan for machines that respond to ICMP Echo
packets) nmap was reporting that a certain host was down. In fact, the
machine responds to ICMP pings (Type 8, and sends back Type 0), but
TCP/80 is filtered (no RST, nothing)

In doing packet sniffs, it appears that "nmap -sP host" will not
actually do an ICMP ping scan, but instead send *only* a packet to
TCP/80 to the host; if that fails, it reports it down.

Is this a bug or a feature? the man page says "The -sP option sends an
ICMP echo request *and* a TCP packet to port 80 by default." However I
am only seeing TCP/80 and no ICMP.

This is trivial to reproduce; I have tcpdump packet traces to verify.

--
Burton

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: