Nmap Development mailing list archives
Re: cannot scan
From: David Fifield <david () bamsoftware com>
Date: Sun, 19 Oct 2008 20:39:19 -0600
On Sun, Oct 19, 2008 at 10:29:15PM -0400, Verde Denim wrote:
A limitation of Nmap on Windows is that in can only do raw-packet scans on Ethernet devices. That's why you have to use --unprivileged on your ppp0 interface. Unfortunately that means you can't run OS scan either. The error message is misleading. It really should say "TCP/IP fingerprinting (for OS scan) requires raw packets" or something like that. The error message is assuming that the only way you could fail to have "root privileges" (in terms of raw packet sending) on Windows is that WinPcap is not installed. However you have shown that it can also be caused by the use of --unprivileged. The error message should not be too hard to fix. Does anyone have an opinion as to the wording, or can you think of any other corner cases to cause this error?Thanks for replying. I was beginning to get a bit mental trying to figure this out. So, in a nutshell, I cannot use (or should not) use nmap on windows with a wireless card. It's disappointing since I need to learn to use this tool for my job, and the wireless card is my only Internet access at the moment. Is this a function of the limitation of nmap, or is it a function of the way packets are processed on the Internet? Is nmap planned to include functionality to run with a wireless card without the --unprivileged restriction? Do you know of another tool which may provide fingerprinting capability with this setup (winxp/wireless card) ? I would also add some install notes for nmap to caution users that ppp0 will eliminate all but the most rudimentary functions of nmap.
This is a limitation of Windows. Microsoft removed raw socket support, which is required for most advanced scans, from Windows a few years ago. Nmap has a workaround of sending raw Ethernet frames, but it only works on Ethernet interfaces. See http://seclists.org/nmap-hackers/2005/0004.html. One alternative is to use an OS other than Windows for scanning, if you can find another one that supports your wireless card. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- cannot scan Verde Denim (Oct 19)
- Re: cannot scan David Fifield (Oct 19)
- Re: cannot scan Verde Denim (Oct 19)
- Re: cannot scan David Fifield (Oct 19)
- Re: cannot scan David Fifield (Nov 19)
- Re: cannot scan Verde Denim (Oct 19)
- Re: cannot scan David Fifield (Oct 19)