IPv6 -sP issues and data.

["Paul Jenkins" <pjenkins () dsci com>]

All-

# Nmap 5.00 scan initiated Tue Sep 29 10:52:36 2009 as: nmap -6 -sP -iL
c:\ipv6.txt -oN c:\Donzi_sP_CLIv6.txt 
Host 2:0:0:2::1 is up (0.00s latency).
Host 2:0:0:3f::fff0 is up (0.37s latency).
# Nmap done at Tue Sep 29 10:52:55 2009 -- 20 IP addresses (2 hosts up)
scanned in 19.38 seconds

It should be noted the output of Donzi subsequent attempts to run the
same scan resulted in varying degrees of success. In some cases NMAP
reported all 20 hosts, some three, some nine, with no real apparent
pattern. According to Wireshark all the same packets are sent with
identical responses received per probe. Contrary to the documented
default behavior of -sP the packet capture from Donzi's -sP scan shows
no ICMP requests, only TCP SYN packets. In cases where the capture shows
a host replying with a TCP RST/ACK which should alert NMAP to the host
being "up" no such status is reported. 


-Paul



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org