Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Zenmap -> Raw Sockets on SP2 Problem

From: "Rob Nicholls" <robert () everythingeverything co uk>
Date: Sun, 26 Jul 2009 12:01:13 +0100
I'm afraid PPP devices aren't properly supported on Windows, this is a
limitation of WinPcap (which is used by Nmap) and it doesn't look like they
can find a way around it.

http://www.winpcap.org/misc/faq.htm#Q-5

Q-5: Can I use WinPcap on a PPP connection?

<snip>

Windows 2000/XP/2003: these systems have limitations in the NDIS binding
process that prevent a protocol driver from working properly on WAN
adapters. WinPcap 3.1 and newer offer limited support for capturing on
dial-up adapters using a wrapper over the Microsoft NetMon driver. 
NOTES:

 - it is possible to capture control packets (LCP and NCP) using the
"Generic Dialup" or "Generic NdisWan" adapter (which is always listed even
if no dialup connections are available). Control frames are captured as
Ethernet encapsulated PPP frames. 
 - the PPP protocol is translated by the OS into a fake Ethernet. You'll see
Ethernet frames and not PPP frames. 
 - transmission is not supported. 
 - filtering and statistics gathering is done at user level.

So you can sniff PPP traffic on XP, but you won't even be able to do that if
you were to upgrade to Vista. You can't send packets on any version of
Windows.

Does your Speedstream router+modem have Ethernet and USB ports? If you can
use the Ethernet port instead (you can't use it at the same time as the USB
port) you should be able to use Zenmap/Nmap okay.

Rob

-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org]
On Behalf Of Logan Harris
Sent: 25 July 2009 23:04
To: nmap-dev () insecure org
Subject: Zenmap -> Raw Sockets on SP2 Problem


Hey

I am writing to you today to inquire about the issue I keep getting trying
to use Zenmap. When I try and scan an IP, I get,

"WARNING: Using raw sockets because ppp0 is not an ethernet device. This
probably won't work on Windows.
pcap_open_live(ppp0,
100, 0, 2) FAILED. Reported error: Error opening adapter: The system
cannot find the device specified. (20).  Will wait 5 seconds then
retry."

After doing some research I've found that Windows SP2
has disabled Raw Sockets, and after a few more hours of research, I've
found nothing to fix this problem.  I was wondering if you know of a
fix for this problem, and to bring this to your attention. I am sure
you did, but it seems like it would affect a large portion of your
community.

Some other info
- Windows XP -> Service Pack 2
-Wired DSL internet with Speedstream Router+Modem


Thanks for your time.
TLB

_________________________________________________________________
Stay on top of things, check email from other accounts!
http://go.microsoft.com/?linkid=9671355

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: