Nmap Development mailing list archives
Trying out nmap 5 with snow leopard - public release
From: Darius S Garsys <dgarsys () ccgnet com>
Date: Mon, 31 Aug 2009 01:54:43 -0400
Long and short. Running nmap as a regular user seems to work: For example, ping scans of network as a whole and nmap scan of my old g5:

Aziz:~ dariusgarsys$ nmap -sP 10.123.11.1/24
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-31 01:49 EDT
Host 10.123.11.1 is up (0.012s latency).
Host 10.123.11.5 is up (0.018s latency).
Host 10.123.11.20 is up (0.046s latency).
Host 10.123.11.22 is up (0.00048s latency).
Host 10.123.11.102 is up (0.0023s latency).
Nmap done: 256 IP addresses (5 hosts up) scanned in 2.79 seconds

Aziz:~ dariusgarsys$ nmap 10.123.11.102
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-31 01:48 EDT
Interesting ports on 10.123.11.102:
Not shown: 991 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
88/tcp    open  kerberos-sec
548/tcp   open  afp
625/tcp   open  apple-xsrvr-admin
631/tcp   open  ipp
3689/tcp  open  rendezvous
5432/tcp  open  postgresql
5900/tcp  open  vnc
49156/tcp open  unknown

But the second I try to run a root-level scan (say a syn scan..)

Aziz:~ dariusgarsys$ sudo nmap 10.123.11.102
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-31 01:50 EDT
Warning: Unable to open interface vmnet8 -- skipping it.
Warning: Unable to open interface vmnet1 -- skipping it.
Note: Host seems down. If it is really up, but blocking our ping probes, try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 0.32 seconds

My iflist:

Aziz:~ dariusgarsys$ sudo nmap --iflist
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-31 01:51 EDT
Warning: Unable to open interface vmnet8 -- skipping it.
Warning: Unable to open interface vmnet1 -- skipping it.
************************INTERFACES************************
DEV (SHORT) IP/MASK         TYPE     UP MAC
lo0 (lo0)   127.0.0.1/8     loopback up
en1 (en1)   10.123.11.22/24 ethernet up 00:19:E3:D4:8B:57

**************************ROUTES**************************
DST/MASK           DEV GATEWAY
208.67.222.222/32  en1 10.123.11.1
10.123.11.22/32    lo0 127.0.0.1
17.148.16.44/32    en1 10.123.11.1
17.151.16.20/32    en1 10.123.11.1
17.250.248.83/32   en1 10.123.11.1
68.87.68.166/32    en1 10.123.11.1
74.125.45.109/32   en1 10.123.11.1
255.255.255.255/32 en1 10.123.11.1
127.0.0.1/32       lo0 127.0.0.1
192.168.0.233/32   en1 10.123.11.1
208.67.220.220/32  en1 10.123.11.1
224.0.0.251/32     en1 10.123.11.1
127.0.0.0/0        lo0 127.0.0.1
0.0.0.0/0          en1 10.123.11.1

Oddly, this only seems to affect my LOCAL network, as scanning your server works:

Aziz:~ dariusgarsys$ sudo nmap -sS -p 22,80 --packet-trace scanme.insecure.org
Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-31 01:52 EDT
Warning: Unable to open interface vmnet8 -- skipping it.
Warning: Unable to open interface vmnet1 -- skipping it.
SENT (0.1020s) ICMP 10.123.11.22 > 64.13.134.52 echo request (type=8/code=0) ttl=47 id=10075 iplen=7168
SENT (0.1020s) TCP 10.123.11.22:57082 > 64.13.134.52:443 S ttl=46 id=33806 iplen=11264 seq=1696723096 win=3072 <mss 1460>
SENT (0.1020s) TCP 10.123.11.22:57082 > 64.13.134.52:80 A ttl=43 id=16454 iplen=10240 seq=1696723096 win=4096 ack=2622757580
SENT (0.1020s) ICMP 10.123.11.22 > 64.13.134.52 Timestamp request (type=13/code=0) ttl=44 id=7199 iplen=10240
RCVD (0.2010s) ICMP 64.13.134.52 > 10.123.11.22 echo reply (type=0/code=0) ttl=47 id=14184 iplen=28
NSOCK (0.2040s) UDP connection requested to 68.87.68.166:53 (IOD #1) EID 8
NSOCK (0.2040s) Read request from IOD #1 [68.87.68.166:53] (timeout: -1ms) EID 18
NSOCK (0.2050s) UDP connection requested to 208.67.220.220:53 (IOD #2) EID 24
NSOCK (0.2050s) Read request from IOD #2 [208.67.220.220:53] (timeout: -1ms) EID 34
NSOCK (0.2050s) UDP connection requested to 208.67.222.222:53 (IOD #3) EID 40
NSOCK (0.2050s) Read request from IOD #3 [208.67.222.222:53] (timeout: -1ms) EID 50
NSOCK (0.2050s) Write request for 43 bytes to IOD #1 EID 59 [68.87.68.166:53]: .............52.134.13.64.in-addr.arpa.....
NSOCK (0.2050s) nsock_loop() started (timeout=500ms). 7 events pending
NSOCK (0.2050s) Callback: CONNECT SUCCESS for EID 8 [68.87.68.166:53]
NSOCK (0.2050s) Callback: CONNECT SUCCESS for EID 24 [208.67.220.220:53]
NSOCK (0.2050s) Callback: CONNECT SUCCESS for EID 40 [208.67.222.222:53]
NSOCK (0.2050s) Callback: WRITE SUCCESS for EID 59 [68.87.68.166:53]
NSOCK (0.2480s) Callback: READ SUCCESS for EID 18 [68.87.68.166:53] (72 bytes): .............52.134.13.64.in-addr.arpa..............j...scanme.nmap.org.
NSOCK (0.2480s) Read request from IOD #1 [68.87.68.166:53] (timeout: -1ms) EID 66
SENT (0.2490s) TCP 10.123.11.22:57082 > 64.13.134.52:80 S ttl=48 id=53869 iplen=11264 seq=3366733421 win=1024 <mss 1460>
SENT (0.2490s) TCP 10.123.11.22:57082 > 64.13.134.52:22 S ttl=41 id=42814 iplen=11264 seq=3366733421 win=2048 <mss 1460>
RCVD (0.3500s) TCP 64.13.134.52:80 > 10.123.11.22:57082 SA ttl=47 id=0 iplen=44 seq=3706588049 win=5840 ack=3366733422 <mss 1460>
SENT (1.6580s) TCP 10.123.11.22:57083 > 64.13.134.52:22 S ttl=53 id=15417 iplen=11264 seq=3366798956 win=2048 <mss 1460>
Interesting ports on scanme.nmap.org (64.13.134.52):
PORT   STATE    SERVICE
22/tcp filtered ssh
80/tcp open     http

Nmap done: 1 IP address (1 host up) scanned in 2.07 seconds

I'm hopelessly confused, and too new at this to figure out anything beyond this. I recognize the vmnet ports as associated with vmware. I've tried specifying en1 via the -e switch. No dice. It can't find anything but itself when it scans the local network with root privileges.

____________________________________
Darius S Garsys
dgarsys () ccgnet com
Computer Consultants Group
Tel: 843.722.7607
Fax: 843.722.6076
http://www.ccgnet.com
http://metatation.com
____________________________________

Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.
~Clifford Stoll