Nmap Development mailing list archives
Re: Libtool, static libraries, and NSE modules
From: Vijay Sankar <vsankar () foretell ca>
Date: Tue, 23 Oct 2007 05:52:10 -0500
On October 22, 2007 05:19:40 pm David Fifield wrote:
On Mon, Oct 22, 2007 at 09:52:06PM -0500, Vijay Sankar wrote:I had the following problem on OpenBSD 4.1. nmap -sS -P0 -vv 192.168.10.5 OR nmap -A -P0 -vv 192.168.10.5 gives me: Starting Nmap 4.22SOC7 ( http://insecure.org ) at 2007-10-22 20:43 CDT Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too). Initiating ARP Ping Scan at 20:43 Scanning 192.168.10.5 [1 port] Completed ARP Ping Scan at 20:43, 0.23s elapsed (1 total hosts) Read data files from: /usr/local/share/nmap Nmap done: 1 IP address (0 hosts up) scanned in 0.337 seconds Raw packets sent: 2 (84B) | Rcvd: 0 (0B) However the following works nmap -sT -P0 -vv 192.168.10.5Nmap does an ARP scan of directly connected Ethernet hosts even if -P0 is used. See http://insecure.org/nmap/man/man-host-discovery.html. But I don't know why the ARP scan would fail when the connect scan works. Please send the output of nmap -sS -P0 -d2 --packet-trace 192.168.10.5 David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org !DSPAM:1,471d7bdd38536107113666!
With -sT, even though it correctly detected all open ports, I got a warning (mass_dns: warning: got a READ:ERROR in read_evt_handler()). May be something is wrong with my DNS set up. To reduce wasting your time, I will repeat these on a different set of machines and report back by tomorrow. vijay# nmap -sS -P0 -d2 --packet-trace 192.168.10.5 Starting Nmap 4.22SOC7 ( http://insecure.org ) at 2007-10-23 05:32 CDT Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too). Fetchfile found /usr/local/share/nmap/nmap-services The max # of sockets we are using is: 0 --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 --------------------------------------------- Initiating ARP Ping Scan at 05:32 Scanning 192.168.10.5 [1 port] Packet capture filter (device dc0): arp and ether dst host 00:04:5A:5F:B8:3C SENT (0.1220s) ARP who-has 192.168.10.5 tell 192.168.10.60 SENT (0.2260s) ARP who-has 192.168.10.5 tell 192.168.10.60 ultrascan_host_probe_update called for machine 192.168.10.5 state UNKNOWN -> HOST_DOWN (trynum 1 time: 130770) Completed ARP Ping Scan at 05:32, 0.24s elapsed (1 total hosts) mass_rdns: Using DNS server 10.0.0.103 mass_rdns: Using DNS server 10.0.0.102 Read from /usr/local/share/nmap: nmap-services. Nmap done: 1 IP address (0 hosts up) scanned in 0.358 seconds Raw packets sent: 2 (84B) | Rcvd: 0 (0B) -sT works here still. vijay# nmap -sT -P0 -d2 192.168.10.5 The max # of sockets we are using is: 0 --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 --------------------------------------------- mass_rdns: Using DNS server 10.0.0.103 mass_rdns: Using DNS server 10.0.0.102 Initiating Parallel DNS resolution of 1 host. at 05:44 mass_dns: warning: got a READ:ERROR in read_evt_handler() mass_dns: warning: got a READ:ERROR in read_evt_handler() . . . . . . processData took 152ms Completed Connect Scan at 05:40, 8.42s elapsed (1705 total ports) Host 192.168.10.5 appears to be up ... good. Interesting ports on 192.168.10.5: Not shown: 1701 filtered ports Reason: 1701 no-responses PORT STATE SERVICE REASON 22/tcp open ssh syn-ack 80/tcp open http syn-ack 443/tcp open https syn-ack 8080/tcp open http-proxy syn-ack Final times for host: srtt: 345 rttvar: 1715 to: 100000 Read from /usr/local/share/nmap: nmap-services. Nmap done: 1 IP address (1 host up) scanned in 14.996 seconds Thanks very much, Vijay -- Vijay Sankar, M.Eng., P.Eng. President & CEO ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB Canada R3J 0X6 Phone: +1 204 885 9535, E-Mail: vsankar () foretell ca _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Libtool, static libraries, and NSE modules David Fifield (Oct 18)
- Re: Libtool, static libraries, and NSE modules David Fifield (Oct 22)
- Re: Libtool, static libraries, and NSE modules Vijay Sankar (Oct 22)
- Re: Libtool, static libraries, and NSE modules Vijay Sankar (Oct 22)
- Re: Libtool, static libraries, and NSE modules David Fifield (Oct 22)
- Re: Libtool, static libraries, and NSE modules Vijay Sankar (Oct 23)
- Re: Libtool, static libraries, and NSE modules David Fifield (Oct 22)