Nmap Development mailing list archives
Re: Issue with nmap on wireless Vista interface (Follow-Up)
From: "Scott Burch" <camberwind () gmail com>
Date: Sat, 7 Apr 2007 08:26:29 -0400
Hi, I have confirmed that in Vista Ultimate you cannot use nmap on a wirless interface. As I mentioned throughout this thread it works fine on wired interfaces, but not on wireless. If I try to use nmap on a wireless interface, this is what happens: (I think this may be caused by the fact that nmap see's Vista using net0 as the interface, but the first line of -iflist listed below the first group of output below, says the following: ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MAC net0 (net0) (null)/0 other down ...but then later it says: net0 (net0) 169.254.199.181/16 other up Tried this on two different wirless apapters and I get the same results. I can use windump, wireshark, packetyzer, and microsoft network monitor3 fine with the wireless and wired interfaces..but nmap only works on wired interfaces. Starting Nmap 4.20 ( http://insecure.org ) at 2007-04-07 08:21 Eastern Daylight Time pcap_open_live(net0, 104, 0, 15) FAILED. Reported error: Error opening adapter: The system cannot find the device specified. (20). Will wait 5 seconds then retry. pcap_open_live(net0, 104, 0, 15) FAILED. Reported error: Error opening adapter: The system cannot find the device specified. (20). Will wait 25 seconds then retry. Call to pcap_open_live(net0, 104, 0, 15) failed three times. Reported error: Error opening adapter: The system cannot find the device specified. (20) There are several possible reasons for this, depending on your operating system: LINUX: If you are getting Socket type not supported, try modprobe af_packet or recompile your kernel with SOCK_PACKET enabled. *BSD: If you are getting device not configured, you need to recompile your kernel with Berkeley Packet Filter support. If you are getting No such file or directory, try creating the device (eg cd /dev; MAKEDEV <device>; or use mknod). *WINDOWS: Nmap only supports ethernet interfaces on Windows for most operations because Microsoft disabled raw sockets as of Windows XP SP2. Depending on the reason for this error, it is possible that the --unprivileged command-line argument will help. SOLARIS: If you are trying to scan localhost and getting '/dev/lo0: No such file or directory', complain to Sun. I don't think Solaris can support advanced localhost scans. You can probably use "-P0 -sT localhost" though. QUITTING! Here is further output: $ nmap -iflist Starting Nmap 4.20 ( http://insecure.org ) at 2007-04-07 08:18 Eastern Daylight Time ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MAC net0 (net0) (null)/0 other down eth0 (eth0) (null)/0 ethernet up 86:04:20:52:41:53 eth1 (eth1) (null)/0 ethernet up 86:04:20:52:41:53 eth2 (eth2) (null)/0 ethernet up 86:04:20:52:41:53 eth3 (eth3) (null)/0 ethernet up 86:04:20:52:41:53 eth4 (eth4) (null)/0 ethernet down 00:15:60:C4:B9:D4 eth5 (eth5) (null)/0 ethernet down 00:15:60:C4:B9:D4 eth6 (eth6) (null)/0 ethernet down 00:16:41:63:B8:DB eth7 (eth7) 192.168.223.1/24 ethernet up 00:50:56:C0:00:01 eth8 (eth8) 192.168.81.1/24 ethernet up 00:50:56:C0:00:08 eth9 (eth9) (null)/0 ethernet down 00:15:60:C4:B9:D4 eth10 (eth10) (null)/0 ethernet down 00:15:60:C4:B9:D4 ppp0 (ppp0) (null)/0 other up ppp1 (ppp1) (null)/0 other up lo0 (lo0) 127.0.0.1/8 loopback up net0 (net0) 169.254.199.181/16 other up net1 (net1) (null)/0 other up net2 (net2) (null)/0 other up net3 (net3) (null)/0 other up net4 (net4) (null)/0 other up net5 (net5) (null)/0 other up net6 (net6) (null)/0 other down net7 (net7) (null)/0 other down net0 (net0) (null)/0 other up net1 (net1) (null)/0 other up **************************ROUTES************************** DST/MASK DEV GATEWAY 255.255.255.255/32 net0 169.254.199.181 255.255.255.255/32 eth7 192.168.223.1 127.0.0.1/32 lo0 127.0.0.1 127.255.255.255/32 lo0 127.0.0.1 255.255.255.255/32 eth8 192.168.81.1 169.254.199.181/32 net0 169.254.199.181 169.254.255.255/32 net0 169.254.199.181 255.255.255.255/32 lo0 127.0.0.1 192.168.81.1/32 eth8 192.168.81.1 192.168.81.255/32 eth8 192.168.81.1 192.168.223.255/32 eth7 192.168.223.1 192.168.223.1/32 eth7 192.168.223.1 192.168.81.0/0 eth8 192.168.81.1 192.168.223.0/0 eth7 192.168.223.1 169.254.0.0/0 net0 169.254.199.181 127.0.0.0/0 lo0 127.0.0.1 224.0.0.0/0 lo0 127.0.0.1 224.0.0.0/0 net0 169.254.199.181 224.0.0.0/0 eth7 192.168.223.1 224.0.0.0/0 eth8 192.168.81.1 0.0.0.0/0 net0 169.254.199.119 On 4/2/07, Scott Burch <camberwind () gmail com> wrote:
Yes, I know the 169.x address space has historically been used only for link local addresses (e.g. when dhcp is not available, etc.), but the firmware I am using for my mesh config uses this be default for the mesh network. What I find interesting is that nmap does not report the wireless interface correctly..it shows up as net0..you will not that it has no corresponding MAC address. If I connect via the wired Broadcom interface nmap works just fine. (My first post shows this output). I think I will change the mesh to use 10.x and see if that makes a difference. Could also be something with HP's wireless config utility..which I use to disable bluetooth and wireless easily. I'll do some more testing. On 4/2/07, Dude VanWinkle <dudevanwinkle () gmail com> wrote:On 4/2/07, Scott Burch <camberwind () gmail com> wrote:Hi, No that is not the problem. I have a wireless mesh network configured at my home. I think nmap does not like this. I can access the Internet just fine. :-)so you have your home net configured for 169.254 addy's? i guess thats a new one for introducing plausible deniability :-) well, all i can say is make sure you installed pcap after enabling and logging in as the Administrator account in vista. if you dont want to run the app as Admin, change the acl's in hklm/software/winpcap and "x:\program files", blah blah. I had nmap 420 (no .1) working fine on my TM4200+ulitmate+3945abg in the last release of vista from the TAP program, so it is possible.. unless nmap checks for the 169.254 and then craps out.. -JP
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: Issue with nmap on wireless Vista interface (Follow-Up) Scott Burch (Apr 07)