Nmap Development mailing list archives

Re: cannot scan


From: David Fifield <david () bamsoftware com>
Date: Sun, 19 Oct 2008 20:39:19 -0600

On Sun, Oct 19, 2008 at 10:29:15PM -0400, Verde Denim wrote:
> > A limitation of Nmap on Windows is that it can only do raw-packet scans
> > on Ethernet devices. That's why you have to use --unprivileged on your
> > ppp0 interface. Unfortunately that means you can't run OS scan either.
> >
> > The error message is misleading. It really should say "TCP/IP
> > fingerprinting (for OS scan) requires raw packets" or something like
> > that. The error message is assuming that the only way you could fail to
> > have "root privileges" (in terms of raw packet sending) on Windows is
> > that WinPcap is not installed. However you have shown that it can also
> > be caused by the use of --unprivileged.
> >
> > The error message should not be too hard to fix. Does anyone have an
> > opinion as to the wording, or can you think of any other corner cases to
> > cause this error?
>
> Thanks for replying. I was beginning to get a bit mental trying to figure
> this out.
> So, in a nutshell, I cannot (or should not) use nmap on windows with a
> wireless card.
> It's disappointing since I need to learn to use this tool for my job, and
> the wireless card is my only Internet access at the moment.
> Is this a function of the limitation of nmap, or is it a function of the way
> packets are processed on the Internet?
> Is nmap planned to include functionality to run with a wireless card without
> the --unprivileged restriction?
> Do you know of another tool which may provide fingerprinting capability with
> this setup (winxp/wireless card)?
>
> I would also add some install notes for nmap to caution users that ppp0 will
> eliminate all but the most rudimentary functions of nmap.

This is a limitation of Windows. Microsoft removed raw socket support,
which is required for most advanced scans, from Windows a few years ago.
Nmap has a workaround of sending raw Ethernet frames, but it only works
on Ethernet interfaces. See http://seclists.org/nmap-hackers/2005/0004.html.

One alternative is to use an OS other than Windows for scanning, if you
can find another one that supports your wireless card.

David Fifield
