Nmap Development mailing list archives
RE: nmap 5.21 sends protocol unreachable
From: Derek <depierjack () msn com>
Date: Sat, 30 Jan 2010 19:04:54 -0500
I think you are misunderstanding what I said, when I run Nmap with the following commands Nmap -sP -PE scanme.nmap.org on my Windows 7 PC, Windows sends an ICMP Protocol Unreachable back to scanme.nmap.org. Issuing the same command on my Windows XP PC, Windows does not send packet back after getting the reply. Using the windows ping utility from both the 7 and XP machines to scanme.nmap.org, both receive the replies and do not send anything back to scanme.nmap.org as expected. To answer your question, when I ping the 7 machine using the XP machine with the windows ping utility, the XP only receives echo replies. And when I ping XP from 7, again using the windows ping command, windows 7 gets replies as expected. So my question is, is it possible to send ICMP reply packets to the target machine for example, scanme.nmap.org using some other network tool or to code this ability into Nmap itself? Derek
Date: Thu, 28 Jan 2010 20:38:49 -0700 From: david () bamsoftware com To: depierjack () msn com CC: nmap-dev () insecure org Subject: Re: nmap 5.21 sends protocol unreachable On Thu, Jan 28, 2010 at 07:38:50PM -0500, Derek wrote:I was actually thinking earlier today that maybe it was Windows sending the packet because it is not expecting the reply, so I then tried it on a Windows XP machine to see if it was a Windows thing. It seems to be a Windows 7 specific feature, because the Windows XP PC did NOT send an ICMP Protocol Unreachable message, in fact it didn't send any packet at all after receiving the unexpected reply. So with that being said, is it possible to forge echo, timestamp, or address mask replies to check for live hosts, not with nmap I know, but with some other network tool? If not, how difficult would it be to code such a feature into nmap or just as a stand alone program?If Windows is responding with destination unreachables to echo/timestamp/mask replies, then it is probably doing so with requests too. (When you ping the Windows 7 computer do you get an echo reply or a destination unreachable?) Unless it's dropping ICMP requests and only sending unreachables for replies, then Nmap's usual ICMP pings will be just as effective in this case and also more generally useful. David Fifield
_________________________________________________________________ Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/196390708/direct/01/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap 5.21 sends protocol unreachable Derek (Jan 28)
- Re: nmap 5.21 sends protocol unreachable David Fifield (Jan 28)
- RE: nmap 5.21 sends protocol unreachable Derek (Jan 28)
- Re: nmap 5.21 sends protocol unreachable David Fifield (Jan 28)
- RE: nmap 5.21 sends protocol unreachable Derek (Jan 30)
- Re: nmap 5.21 sends protocol unreachable David Fifield (Jan 30)
- RE: nmap 5.21 sends protocol unreachable Derek (Jan 28)
- Re: nmap 5.21 sends protocol unreachable David Fifield (Jan 28)