Re: Nmap and IPv6

["DePriest, Jason R." <jrdepriest () gmail com>]

On Fri, Oct 17, 2008 at 10:28 PM, Kris Katterjohn <> wrote:
> > Dunno, but here is a more informative error messge.
> > CONN (0.2710s) TCP localhost > fe80::210:5aff:fe1d:5c3f:22 => Invalid argument
> >
> > I did a fancier scan and ended up with 2000 of those.
> > depriest@hole:~$ grep "Invalid argument" nmap-ipv6.nmap | wc -l
> > 2000
> >
> > I am attaching the log file for someone who knows more about nmap -6 to look at.
>
> I think you just need to specify the interface to use via the perfect syntax
> (see below).  This is required because link-local addresses are
> interface-specific.  I added support for this syntax for link-local scanning
> in Nmap this past May:
>
> o Nmap now understands the RFC 4007 percent syntax for IPv6 Zone IDs.
>  On Windows, this ID has to be a numeric index.  On Linux and some
>  other OS's, this ID can instead be an interface name.  Some examples
>  of this syntax:
>    fe80::20f:b0ff:fec6:15af%2
>    fe80::20f:b0ff:fec6:15af%eth0
>  [Kris]
>
> If you haven't already seen it, you may be interested in HD Moore's recent
> paper[1] on IPv6, which also happens to mention the above support in Nmap.
>
> > Thanks in advance folks.
> >
> > -Jason
>
> Thanks,
> Kris Katterjohn
>
> [1] http://www.milw0rm.com/papers/233

You are correct.

I have used the %{number} format in Windows XP but didn't know how to
tell Linux the same thing.  %{interface} is good to know.

I am dumb.  But I ask questions.

-Jason

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org