Nmap Development mailing list archives
Re: Please help with long standing nmap issue
From: David Fifield <david () bamsoftware com>
Date: Fri, 3 Apr 2009 10:13:21 -0600
On Thu, Apr 02, 2009 at 10:16:27PM -0600, David Fifield wrote:
> On Mon, Mar 30, 2009 at 07:57:22AM +0100, Rob Nicholls wrote:
> > I assume from the tracking software you mentioned that you're using OSX?
> > I think we decided it's a peculiarity of the OS rather than a problem
> > with nmap: http://seclists.org/nmap-dev/2008/q4/0634.html
> >
> > I believe David's suggestion was to give the admin group read and write
> > permissions to /dev/bfp* and run nmap as a non-root user that's in the
> > admin group.
>
> That explains why --iflist isn't working as non-root. There is another
> issue, which is that ping scan is working as non-root but not as root:
>
> > M:~ jp$ sudo nmap -O -v 192.168.226.1-254
> >
> > Starting Nmap 4.85BETA4 ( http://nmap.org ) at 2009-03-29 16:33 MDT
> > Warning: Unable to open interface vmnet8 -- skipping it.
> > Warning: Unable to open interface vmnet1 -- skipping it.
> > Initiating Ping Scan at 16:33
> > Scanning 254 hosts [2 ports/host]
> > Ping Scan Timing: About 31.50% done; ETC: 16:35 (0:01:07 remaining)
> > Ping Scan Timing: About 60.04% done; ETC: 16:35 (0:00:41 remaining)
> > Completed Ping Scan at 16:35, 103.72s elapsed (254 total hosts)
> > Read data files from: /usr/local/share/nmap
> > Nmap done: 254 IP addresses (0 hosts up) scanned in 104.06 seconds
> > Raw packets sent: 1016 (34.544KB) | Rcvd: 885 (72.047KB)
> >
> > M:~ jp$ nmap -sP 192.168.226.1-254
> >
> > Starting Nmap 4.85BETA4 ( http://nmap.org ) at 2009-03-29 16:38 MDT
> > Host 192.168.226.1 appears to be up.
> > Host 192.168.226.2 appears to be up.
> > Host 192.168.226.10 appears to be up.
>
> Jerry, can you run these commands and send me the log files?:
>
> sudo nmap -sP -d --packet-trace 192.168.226.1-254 -oN root.nmap
> nmap -sP -d --packet-trace 192.168.226.1-254 -oN nonroot.nmap
> sudo nmap -sP -d --packet-trace --unprivileged 192.168.226.1-254 -oN root-unprivileged.nmap

Thanks, now that I have seen the log files I know what the problem is. The machines on your network respond to a SYN to port 80 (which is what the non-root ping scan does), but not an ACK to port 80 nor an ICMP echo (which is what the root ping scan does). In your network you should use the -PS option to find up hosts. Just combine it with the options you were already using:

M:~ jp$ sudo nmap -PS -O -v 192.168.226.1-254

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
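
Added example, not part of David Fifield's message or of Nmap: a Python sketch that compares the root and non-root `-oN` logs requested above and lists the hosts that only the non-root run (SYN to port 80) found. The sample logs are constructed, and the "down" lines and the `name (address)` form are assumptions about the same output format.

```python
import ipaddress
import re

# "Host ... appears to be up." is the Nmap 4.85BETA4 normal-output line quoted in
# the thread; the optional "name (address)" form is an assumption for named hosts.
UP_LINE = re.compile(r"^Host (?:\S+ \((\S+)\)|(\S+)) appears to be up\.")

# Constructed sample logs (not the poster's real files), shaped like the thread's output.
ROOT_LOG = """\
Starting Nmap 4.85BETA4 ( http://nmap.org ) at 2009-03-29 16:33 MDT
Host 192.168.226.1 appears to be down.
Host 192.168.226.2 appears to be down.
Host 192.168.226.10 appears to be down.
Nmap done: 254 IP addresses (0 hosts up) scanned in 104.06 seconds
"""
NONROOT_LOG = """\
Starting Nmap 4.85BETA4 ( http://nmap.org ) at 2009-03-29 16:38 MDT
Host 192.168.226.1 appears to be up.
Host 192.168.226.2 appears to be up.
Host 192.168.226.10 appears to be up.
"""

def hosts_up(log_text):
    """Return the set of addresses that a ping-scan log reports as up."""
    found = set()
    for line in log_text.splitlines():
        m = UP_LINE.match(line.strip())
        if m:
            found.add(m.group(1) or m.group(2))
    return found

def compare(root_log, nonroot_log):
    """Split hosts by which run saw them, sorted numerically by address."""
    root, nonroot = hosts_up(root_log), hosts_up(nonroot_log)
    order = lambda hosts: sorted(hosts, key=ipaddress.ip_address)
    return {"both": order(root & nonroot),
            "only_root": order(root - nonroot),
            "only_nonroot": order(nonroot - root)}

if __name__ == "__main__":
    result = compare(ROOT_LOG, NONROOT_LOG)
    for host in result["only_nonroot"]:
        # Answered the non-root SYN to port 80, but not the root ACK or ICMP echo.
        print(f"{host}: up only in the non-root run; try -PS as root")
```

A non-empty `only_nonroot` list is the pattern described in the reply: hosts that answer a SYN to port 80 but not the ACK or ICMP echo probes of the root ping scan.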