Nmap Development mailing list archives
Re: Nmap 4.21alpha4 Issue?
From: alan () ajsquared us
Date: Fri, 20 Apr 2007 11:18:35 -0700
Nmap 4.21 alapha 4 Winpcap 3.1 (from the Nmap installer) In fact in this case I uninstalled Winpcap and reinstalled it with the Nmap installer Arguments nmap -v -sV -O2 -A -traceroute -oA checkbox 10.1.20.* =-=-=--=-=- Windows IP Configuration Host Name . . . . . . . . . . . . : asjones2 Primary Dns Suffix . . . . . . . : AD.xxxxxxxxxxx.COM Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : AD.xxxxxxxx.COM ad.xxxxxx.com xxxxxx.COM Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Intel(R) PRO/Wireless 2915ABG Network Connection Physical Address. . . . . . . . . : 00-0E-35-C1-0B-42 Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : ad.xxxxxxxxxx.com Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet Physical Address. . . . . . . . . : 00-12-79-BE-78-17 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.1.20.90 Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 10.1.20.1 DHCP Server . . . . . . . . . . . : 10.0.0.13 DNS Servers . . . . . . . . . . . : 10.0.0.13 10.0.0.8 Primary WINS Server . . . . . . . : 10.0.0.10 Lease Obtained. . . . . . . . . . : Friday, April 20, 2007 8:26:07 AM Lease Expires . . . . . . . . . . : Monday, April 23, 2007 8:26:07 AM The scan will go for a while till it hits my IP addres then......... Initiating ARP Ping Scan at 13:14 Scanning 165 hosts [1 port/host] Completed ARP Ping Scan at 13:14, 0.77s elapsed (165 total hosts) Initiating Parallel DNS resolution of 165 hosts. at 13:14 Completed Parallel DNS resolution of 165 hosts. at 13:14, 9.04s elapsed Skipping SYN Stealth Scan against 10.1.20.90 because Windows does not support scanning your own machine (localhost) this way. Initiating Service scan at 13:14 Skipping OS Scan against 10.1.20.90 because it doesn't work against your own machine (localhost) pcap_open_live(lo0, 100, 0, 2) FAILED. Reported error: Error opening adapter: Th e system cannot find the device specified. (20). Will wait 5 seconds then retry. pcap_open_live(lo0, 100, 0, 2) FAILED. Reported error: Error opening adapter: The system cannot find the device specified. (20). Will wait 25 seconds then retry. Call to pcap_open_live(lo0, 100, 0, 2) failed three times. Reported error: Error opening adapter: The system cannot find the device specified. (20) There are several possible reasons for this, depending on your operating system: LINUX: If you are getting Socket type not supported, try modprobe af_packet or r ecompile your kernel with SOCK_PACKET enabled. *BSD: If you are getting device not configured, you need to recompile your kern el with Berkeley Packet Filter support. If you are getting No such file or dire ctory, try creating the device (eg cd /dev; MAKEDEV <device>; or use mknod). *WINDOWS: Nmap only supports ethernet interfaces on Windows for most operations because Microsoft disabled raw sockets as of Windows XP SP2. Depending on the reason for this error, it is possible that the --unprivileged command-line argum ent will help. SOLARIS: If you are trying to scan localhost and getting '/dev/lo0: No such fil e or directory', complain to Sun. I don't think Solaris can support advanced lo calhost scans. You can probably use "-P0 -sT localhost" though. QUITTING! ------------------------- From: Brett Cunningham <cssniper22_at_gmail.com> Date: Wed, 18 Apr 2007 20:24:10 -0500 I should have read more carefully your output. Refer to: "Skipping SYN Stealth Scan against 10.1.20.90 because Windows does not support scanning your own machine (localhost) this way." Nmap does recognize your local host and acts accordingly (by skipping your localhost). This does not actually seem to be the problem. I cannot seem to reproduce the errors. Could you please provide the exact arguments, along with Nmap, Winpcap and Windows version. Lastly, the output from 'ipconfig /all' could further assist in troubleshooting. On 4/17/07, alan_at_ajsquared.us <alan_at_ajsquared.us> wrote:
Brett, Thanks for the reply... i figured the limitation was windows, but one may often want to easily scan their own range so it gets more tricky.... I hate to crash just because something Windows can't handle it if Nmap could just say "Windows can't do X.... we are excluding Y". That is why i was thinking an exclusion.... I tried your example as-is and got the following: C:\Util\Nmap>nmap -sS -p80 -P0 192.168.1.1/24 -packet_trace -n -S 192.16 8.1.108 -e eth0 Starting Nmap 4.21ALPHA4 ( http://insecure.org ) at 2007-04-17 16:21 Central Day light Time NmapArpCache() can only take IPv4 addresses. Sorry QUITTING! Then I adjusted for my IP address and go the same thing: C:\Util\Sniffer\Nmap>nmap -sS -p80 -P0 10.1.20.1/24 -packet_trace -n -S 10.1.20. 108 -e eth0 Starting Nmap 4.21ALPHA4 ( http://insecure.org ) at 2007-04-17 16:24 Central Day light Time NmapArpCache() can only take IPv4 addresses. Sorry QUITTING! thanks Alan-------- Original Message -------- Subject: Re: Nmap 4.21alpha4 Issue? From: "Brett Cunningham" <cssniper22_at_gmail.com> Date: Tue, April 17, 2007 2:55 pm To: "alan_at_ajsquared.us" <alan_at_ajsquared.us>, nmap-dev_at_insecure.org The issue of not being able to scan localhost is a limitation in Windows. That's a good point that maybe nmap should exclude itself, or use some sort of work around. For now, see if the following example works: *nmap -sS -p80 -P0 192.168.1.1/24 -packet_trace -n -S 192.168.1.108 -e eth0 * ref.: http://seclists.org/nmap-dev/2006/q1/0318.html On 4/17/07, alan_at_ajsquared.us wrote: > > When I try and scan a subnet 1.2.3.* that I am on I have found Nmap > seems to quit early. I don't remember it doing that in the past > (several versions ago) > > I am assuming this is not a problem with WinPcap? > > If Nmap can's can it's own host on Windows could there be an automated > exclusion so the program just excludes the IP address? > > Here is what happens after scanning many hosts.... > > > > Initiating ARP Ping Scan at 10:51 > Scanning 165 hosts [1 port/host] > Completed ARP Ping Scan at 10:51, 0.67s elapsed (165 total hosts) > Initiating Parallel DNS resolution of 165 hosts. at 10:51 > Completed Parallel DNS resolution of 165 hosts. at 10:51, 9.01s elapsed > Skipping SYN Stealth Scan against 10.1.20.90 because Windows does not > support sc > anning your own machine (localhost) this way. > Initiating Service scan at 10:51 > Skipping OS Scan against 10.1.20.90 because it doesn't work against your > own machine (localhost) > pcap_open_live(lo0, 100, 0, 2) FAILED. Reportederror: Error opening > adapter: Th > e system cannot find the device specified. (20). Will wait 5 seconds > then retry > . > pcap_open_live(lo0, 100, 0, 2) FAILED. Reported error: Error opening > adapter: Th > e system cannot find the device specified. (20). Will wait 25 seconds > then retr > y. > Call to pcap_open_live(lo0, 100, 0, 2) failed three times. Reported > error: Error > opening adapter: The system cannot find the device specified. (20) > There are several possible reasons for this, depending on your operating > system: > > LINUX: If you are getting Socket type not supported, try modprobe > af_packet or r > ecompile your kernel with SOCK_PACKET enabled. > *BSD: If you are getting device not configured, you need to recompileyour kern > el with Berkeley Packet Filter support. If you aregetting No such file > or dire > ctory, try creating the device (eg cd /dev; MAKEDEV ; or use > mknod). > *WINDOWS: Nmap only supports ethernet interfaces on Windows for most > operations > because Microsoft disabled raw sockets as of Windows XP SP2. Depending > on the > reason for this error, it is possible that the --unprivileged > command-line argum > ent will help. > SOLARIS: If you are trying to scan localhost and getting '/dev/lo0: No > such fil > e or directory', complain to Sun. I don't think Solaris can support > advanced lo > calhost scans. You can probably use "-P0 -sT localhost" though. > > > QUITTING! > > > > > > _______________________________________________Sent through the nmap-dev mailing list >http://cgi.insecure.org/mailman/listinfo/nmap-dev > Archived at http://SecLists.Org > _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap 4.21alpha4 Issue? alan (Apr 17)
- Re: Nmap 4.21alpha4 Issue? Brett Cunningham (Apr 17)
- <Possible follow-ups>
- RE: Nmap 4.21alpha4 Issue? alan (Apr 17)
- Re: Nmap 4.21alpha4 Issue? Brett Cunningham (Apr 18)
- Re: Nmap 4.21alpha4 Issue? alan (Apr 20)
- Re: Nmap 4.21alpha4 Issue? Eddie Bell (Apr 20)