Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: -sT on windows

From: jah <jah () zadkiel plus com>
Date: Sat, 08 Dec 2007 23:12:01 +0000
Correction:

I get the error regardless of whether I specify --send-eth --send-ip or 
neither - sorry!

The ref guide says:

 --send-eth (Use raw ethernet sending)

    .... By default, Nmap chooses the one [ip or eth] which is generally 
best for the platform it is running on ...

Does this still hold true?  I'm getting the following when I specify -sT:

    C:\>nmap -sT -p135 192.168.1.1 -d10 --log-errors -n -PN
    ***WinIP***  trying to initialize WinPcap
    Winpcap present, dynamic linked to: WinPcap version 4.0.2
    (packet.dll version 4.0.0.1040), based on libpcap version 0.9.5

    Starting Nmap 4.49RC4 ( http://insecure.org ) at 2007-12-08 22:42
    GMT Standard Time
    Fetchfile found C:\Program Files\Nmap\nmap-services

    The max # of sockets we are using is: 0
    --------------- Timing report ---------------
      hostgroups: min 1, max 100000
      rtt-timeouts: init 1000, min 100, max 10000
      max-scan-delay: TCP 1000, UDP 1000
      parallelism: min 0, max 0
      max-retries: 10, host-timeout: 0
    ---------------------------------------------
    doing 0.0.0.0 = 192.168.1.1
    Initiating Connect Scan at 22:42
    Scanning 192.168.1.1 [1 port]
    CONN (0.1100s) TCP localhost > 192.168.1.1:135 => Unknown error
    **TIMING STATS** (0.1100s): IP, probes
    active/freshportsleft/retry_stack/outstanding/retranwait/onbench,
    cwnd/ccthresh/d
    elay, timeout/srtt/rttvar/
       Groupstats (1/1 incomplete): 1/*/*/*/*/* 10.00/75/* 1000000/-1/-1
       192.168.1.1: 1/0/0/1/0/0 10.00/75/0 1000000/-1/-1
    Discovered open port 135/tcp on 192.168.1.1
    Changing ping technique for 192.168.1.1 to connect
    Timeout vals: srtt: -1 rttvar: -1 to: 1000000 delta 15000 ==> srtt:
    15000 rttvar: 15000 to: 100000
    Timeout vals: srtt: -1 rttvar: -1 to: 1000000 delta 15000 ==> srtt:
    15000 rttvar: 15000 to: 100000
    Moving 192.168.1.1 to completed hosts list with 0 outstanding probes.
    Completed Connect Scan at 22:42, 0.05s elapsed (1 total ports)
    Host 192.168.1.1 appears to be up ... good.
    Interesting ports on 192.168.1.1:
    PORT    STATE SERVICE REASON
    135/tcp open  msrpc   syn-ack
    Final times for host: srtt: 15000 rttvar: 15000  to: 100000

    Read from C:\Program Files\Nmap: nmap-services.
    Nmap done: 1 IP address (1 host up) scanned in 0.172 seconds


Note the CONN (0.1100s) TCP localhost > 192.168.1.1:135 => Unknown error
which is pretty much the same as when, in addition, I specify --send-ip:

    C:\>nmap -sT -p135 192.168.1.1 -d10 --log-errors -n -PN --send-ip
    ***WinIP***  trying to initialize WinPcap
    Winpcap present, dynamic linked to: WinPcap version 4.0.2
    (packet.dll version 4.0.0.1040), based on libpcap version 0.9.
    5

    Starting Nmap 4.49RC4 ( http://insecure.org ) at 2007-12-08 22:45
    GMT Standard Time
    Fetchfile found C:\Program Files\Nmap\nmap-services

    WARNING: raw IP (rather than raw ethernet) packet sending attempted
    on Windows. This probably won't work.  Consider --se
    nd-eth next time.

    The max # of sockets we are using is: 0
    --------------- Timing report ---------------
      hostgroups: min 1, max 100000
      rtt-timeouts: init 1000, min 100, max 10000
      max-scan-delay: TCP 1000, UDP 1000
      parallelism: min 0, max 0
      max-retries: 10, host-timeout: 0
    ---------------------------------------------
    doing 0.0.0.0 = 192.168.1.1
    Initiating Connect Scan at 22:45
    Scanning 192.168.1.1 [1 port]
    CONN (0.1090s) TCP localhost > 192.168.1.1:135 => Unknown error
    **TIMING STATS** (0.1250s): IP, probes
    active/freshportsleft/retry_stack/outstanding/retranwait/onbench,
    cwnd/ccthresh/d
    elay, timeout/srtt/rttvar/
       Groupstats (1/1 incomplete): 1/*/*/*/*/* 10.00/75/* 1000000/-1/-1
       192.168.1.1: 1/0/0/1/0/0 10.00/75/0 1000000/-1/-1
    Discovered open port 135/tcp on 192.168.1.1
    Changing ping technique for 192.168.1.1 to connect
    Timeout vals: srtt: -1 rttvar: -1 to: 1000000 delta 16000 ==> srtt:
    16000 rttvar: 16000 to: 100000
    Timeout vals: srtt: -1 rttvar: -1 to: 1000000 delta 16000 ==> srtt:
    16000 rttvar: 16000 to: 100000
    Moving 192.168.1.1 to completed hosts list with 0 outstanding probes.
    Completed Connect Scan at 22:45, 0.05s elapsed (1 total ports)
    Host 192.168.1.1 appears to be up ... good.
    Interesting ports on 192.168.1.1:
    PORT    STATE SERVICE REASON
    135/tcp open  msrpc   syn-ack
    Final times for host: srtt: 16000 rttvar: 16000  to: 100000

    Read from C:\Program Files\Nmap: nmap-services.
    Nmap done: 1 IP address (1 host up) scanned in 0.172 seconds


raw ethernet is used in syn scans without the need to specify it.

I swear I'll learn some C soon and be a bit more helpful.

jah


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: