Re: -NP ignored when running as root

[Mike Calmus <mcalmus () nyx net>]

At 5:30 PM -0600 7/16/09, David Fifield wrote:
> On Thu, Jul 16, 2009 at 06:58:51PM -0400, Mike Calmus wrote:
> >  I just downloaded and built nmap 5.0 on MacOSX 10.5.7. When I run a 
> >  simple scan on a Windows 7 box it seems to ignore the -NP setting when I
> >  run as root. It works fine when I run as an unprivileged user:
> >
> >  bash-3.2$ sudo nmap -PN -A -v 192.168.1.190
> >
> >  Starting Nmap 5.00 ( http://nmap.org ) at 2009-07-16 18:48 EDT
> >  NSE: Loaded 30 scripts for scanning.
> >  Initiating ARP Ping Scan at 18:48
> >  Scanning 192.168.1.190 [1 port]
> >  Completed ARP Ping Scan at 18:48, 0.22s elapsed (1 total hosts)
> >  Read data files from: /usr/local/share/nmap
> >  Nmap done: 1 IP address (0 hosts up) scanned in 0.54 seconds
> >             Raw packets sent: 2 (84B) | Rcvd: 0 (0B)
>
> Hi, please try running again as root, this time with the --send-ip
> option. That will disable the ARP ping. If that works, then there is
> something wrong with the way ARP ping work against Windows 7 and
> possibly Solaris 10.
>
> http://seclists.org/nmap-dev/2009/q1/0176.html
>
> That was caused by Solaris sending back ARP replies to the broadcast
> Ethernet address. If --send-ip works for you, please let us know. If you
> could get a packet capture of the ARP traffic, that would be very
> helpful.
>
> Please let us know, because this is something that can be fixed with a
> little more information.
>
> David Fifield

Using the --send-ip option does seem to work. I won't be able to get 
a packet capture until later, though. I will forward that along as 
soon as I can.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org