Nmap Development mailing list archives
Re[2]: Variety of bugs in nmap-4.20
From: Chris Drake <christopher () pobox com>
Date: Wed, 20 Jun 2007 04:11:41 +1000
Hi Brandon, Yes - correct - it's on the same ethernet segment. Wouldn't you think it's a bit misleading for nmap to issue only an ARP and no ICMP, when I've explicitly requested the ICMP ? It also refuses to send the ACK if I use -PA instead. While I respect that most people might be sending ICMPs to determine if some host is up or not, and that an ARP reply might indicate this, (assuming nmap checks that the reply came from the host and not some switch/router) this is not *always* the reason we might want to send ICMP or ACKs to hosts, and I don't think it's the place of nmap to override/refuse our requests? Maybe I'm overlooking something - how would I send an ICMP or ACK packet to a machine "beside me" using nmap - is this actually possible? Kind Regards, Chris Drake Wednesday, June 20, 2007, 3:52:18 AM, you wrote: BE> On Wed, 20 Jun 2007 02:29:02 +1000 plus or minus some time Chris Drake BE> <christopher () pobox com> wrote:
Hi, I'm Running the latest nmap-4.20 built from source on RedHas AS4 update 4 Linux 2.6.9-42.ELsmp #1 SMP Wed Jul 12 23:27:17 EDT 2006 i686 i686 i386 GNU/Linux 1. I specifically ask it to send one ICMP echo request, however, it sends none, instead sending only an ARP: # /usr/bin/nmap -n --packet_trace -sP -PE 123.123.252.164 Starting Nmap 4.20 ( http://insecure.org ) at 2007-06-19 14:56 UTC SENT (0.0370s) ARP who-has 123.123.252.164 tell 123.123.252.162 RCVD (0.0390s) ARP reply 123.123.252.164 is-at 00:0C:29:DA:5E:9F Host 123.123.252.164 appears to be up. MAC Address: 00:0C:29:DA:5E:9F (VMware) Nmap finished: 1 IP address (1 host up) scanned in 0.150 seconds
BE> Although have obscured the IP, you must have scanned a host on your same BE> Ethernet segment. If you scan a host across a L3 hop you'll get the BE> behavior you expect. This is not a bug, it is the nature of layered BE> networking. BE> Brandon _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Variety of bugs in nmap-4.20 Chris Drake (Jun 19)
- Re: Variety of bugs in nmap-4.20 DePriest, Jason R. (Jun 19)
- Re: Variety of bugs in nmap-4.20 Brandon Enright (Jun 19)
- Re[2]: Variety of bugs in nmap-4.20 Chris Drake (Jun 19)
- Re: Variety of bugs in nmap-4.20 Professor Messer (Jun 19)
- Re[2]: Variety of bugs in nmap-4.20 Chris Drake (Jun 19)
- Re: Variety of bugs in nmap-4.20 Professor Messer (Jun 19)
- Re: Variety of bugs in nmap-4.20 Fyodor (Jun 19)
- Re[2]: Variety of bugs in nmap-4.20 Chris Drake (Jun 19)
- Re: Variety of bugs in nmap-4.20 Fyodor (Jun 19)