Nmap Development mailing list archives

Re: NMap crash with -sU

From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 4 May 2007 06:22:23 +0000

On Thu, 3 May 2007 21:46:09 -0500 plus or minus some time "Orgle"
<orgle () charter net> wrote:

Running NMap 4.20 on a XP SP2 box, with all the latest Microsoft patches
installed - on a new Gateway desktop PC (business class machine)

            When I run a nmap -vv -sU -P0 68.188.xxx.xxx   the command
starts to run, then my PC crashes - reboots, no BSOD. After reboot, get a
Windows has recovered from a serious error, and back from Microsoft get
the following response on the trouble. Have run some other queries
without a problem, just (so far) had the crash when using the -sU option.
Use ZoneAlarm PC firewall software also (turned ZoneAlarm off, same
problem.)


According to the Microsoft page you were receiving a stop error (BSOD).  It
probably just blinked by so fast your screen never drew it.

Go ahead and disable the automatic reboot on error so that you can read the
BSOD.  Instructions are available at

http://pcsupport.about.com/od/tipstricks/ht/disautorestart.htm

Next time you get the BSOD record the stop error, and if provided, the sys
file listed at the bottom that the error occurred in.

Also, if you haven't do so already, install WinPCAP 4.0.

This error could be anything from a bug in Nmap to a bug in WinPCAP,
Windows, your NIC's Driver, ZoneAlarm or some odd interaction of various
bugs between all five.


            PC is 4 months old with 3G of memory, and is a Duo2 processor,
so lots of horsepower. Any ideas or have you seen this one before? The
Ethernet port is on-board the motherboard, and is an Intel Pro/1000 PM
Ethernet chip setup. Downloaded a BIOS update, same problem. No NIC driver
updates seem available.

            The error URL is
http://wer.microsoft.com/responses/Response.aspx/10/en-us/5.1.2600.2.0001010
0.2.0?SGD=47fcb265-c480-4f8e-852e-a2b6bf373430

Thanks,

John


If the BSOD tells you what sys file caused the error it should be fairly
easy to track down.  If it doesn't, I'd start with uninstalling ZoneAlarm
(turning it off doesn't unload the driver, it simply makes it try to ignore
traffic).  It should be possible to figure out where the error is occurring
bu it may be trial and error to do so.

Brandon

Attachment: signature.asc
Description:


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

NMap crash with -sU Orgle (May 03)
- Re: NMap crash with -sU Brandon Enright (May 03)
  - RE: NMap crash with -sU Orgle (May 04)
    - Re: NMap crash with -sU Gianluca Varenni (May 04)
- <Possible follow-ups>
- FW: NMap crash with -sU Orgle (May 05)
  - Re: NMap crash with -sU Gianluca Varenni (May 07)