Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Understanding "-S" option on configurations whith several IP addresses.

From: "Brett Cunningham" <cssniper22 () gmail com>
Date: Tue, 30 Oct 2007 10:18:35 -0500
Your key here is "WARNING: Unable to find appropriate interface for
system route to 192.168.160.254". Do a route print on cmd and you will
see how the packet wants to flow coming out of the NICs. Please
provide the output from "route print" and I would be happy to assist
further.

Also, why are you trying to spoof the address? I think I understand
what it is you're trying to do here, but I don't believe it's being
carried out the correct way. Please provide the output from "nmap
--iflist" which will also take care of the "route print".

On 10/30/07, Korostelev Andrew <preacherandrew () mail ru> wrote:

Hi.

I have question about "-S" option. Namely in cases of several IP-addresses
on one NIC.

Here is my case.

Two host whith Windows 2000:
host A have one NIC with two IP addresses - 192.168.160.12
and 192.168.2.3;
host B one NIC whit one IP address - 192.168.160.1.

How can I use nmap on first host for testing second host?

If I run "nmap -S 192.168.160.12 -e eth0 192.168.160.1" I get
lot of messages "WARNING: Unable to find appropriate interface for system route..." and last message:
"NmapArpCache() can only take IPv4 addresses. Sorry.
QUITTING!"

If I delete second IP address on host A, then all OK - and whith option
("nmap -S 192.168.160.12 -e eth0 192.168.160.1") and whithout option
("nmap 192.168.160.1).


P.S:
After some debugging I see that nmap get strange results on configurations
whith several IP. Nmap use only one from IP address (first from returned GetIpAddrTable)
 and all tests carry out on that address.
For example, host have two IP - 192.168.160.12/24 and 192.168.2.3/24,
and default gateway - 192.168.160.254.
Nmap calls GetIpAddrTable.  GetIpAddrTable returns 192.168.2.3 as first IP address,
and 192.168.160.12 as second address. Nmap take address 192.168.2.3 and try verify
default gateway using that address.  When nmap comparing 192.168.2.3/24 and 192.168.160.254 nmap prints out:
"WARNING: Unable to find appropriate interface for system route to 192.168.160.254"
I guess in this case nmap must using other IP address of the host - 192.168.160.12.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: