Nmap Development mailing list archives

Re: Potential bug in nmap 4.21ALPHA4 (and before)


From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Wed, 16 May 2007 23:46:12 -0500

On 5/16/07, Fyodor <fyodor () insecure org> wrote:

> On Wed, May 16, 2007 at 11:19:12PM +0200, Sebastian Wolfgarten wrote:
> >
> > And here is the problem: Which option does actually suck
> > (send_closedudp_probe: One or more of your parameters suck!)? Why do I
> > get these messages when to me the command-line call above looks quite
> > alright, doesn't it?
>
> Thanks for the report, Sebastian.  This is definitely an Nmap bug
> related to a combination of scanning port zero and OS scan, but after
> looking into the code, I think this only affects the old OS detection
> system.  Since I hope to get rid of that 1st generation system
> completely, it probably isn't worth fixing and testing.  Though if
> someone wants to, I'd certainly accept a patch.  And if you are able
> to reproduce this with -O2 (second generation system), please post
> the log.


I'm on a Windows (XP SP2) machine tonight with lame dialup, so no LAN or
anything to test on :(

I attached a patch that should (I hope) work... or maybe somebody can use it
as a base to work with if it fails.  I was able to compile it fine, I just
couldn't play with it.  It tries to get another closed port (or unfiltered,
I added the code there too) to use instead of 0.  I should be able to test
it out tomorrow, but wanted to go ahead and throw it out here since I made
the patch all ready :)

So please test anybody (especially you Sebastian ;))

Thanks,
Kris Katterjohn

Attachment: osscan-port0.patch

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
