Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Nmap does not respect --send-ip

From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 29 Mar 2011 17:27:41 -0500
Are you sure it isn't working? In order to send an IP (layer 3) packet
to a host on the local subnet, your machine must learn the layer 2
address that corresponds to the IP address. For ethernet (at least),
the way it does this is ARP. The only way to get around this would be
to have static ARP tables on your machine, which defeats the purpose
of host discovery.

Dan

On Tue, Mar 29, 2011 at 4:15 PM, K <komseh () gmail com> wrote:

When trying to prevent Nmap from sending ARP requests for host
discovery on a local subnet, --send-ip is pretty much our only option.
 Unfortunately the switch has not been functional for quite some time.
 This option is needed to evade ARP rate inspection rules and other
wonky configurations that might produce false positives/negatives for
live hosts.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: