Nmap Development mailing list archives
Re: Who is testing the new Nmap IPv6 support
From: David Fifield <david () bamsoftware com>
Date: Fri, 24 Jun 2011 21:48:17 -0700
On Mon, Jun 13, 2011 at 09:57:31PM +0200, Patrik Karlsson wrote:
> On Jun 13, 2011, at 9:46 PM, David Fifield wrote:
>> On Sun, Jun 12, 2011 at 09:25:57PM +0200, Patrik Karlsson wrote:
>>> On Jun 11, 2011, at 12:08 PM, Fyodor wrote:
>>>> When we released the new IPv6 improvements (Nmap 5.52.IPv6.Beta2) on Wednesday we received tons of attention on the social networks, but very few bug reports. Maybe that means it is working great for everyone, or perhaps it means that more people retweeted it than actually try it. Is anyone here using the IPv6 support and can you post a description of how it is working for you?
>>>
>>> I did some quick tests against both the scanme site and my own LAN systems. For me connect scanning works, but SYN-scanning does not. It returns all ports as filtered. Based on the results captured with tcpdump, no responses are returned from the scanned host. I'm on a Mac running OS X 10.6.7.
>>
>> Can you tell if Nmap is using the correct source address and interface? Does it work if you force it with -S and -e?
>
> Using -S it does, but not using -e.

I set up a configuration like Patrik's and was able to reproduce this. His computer's default gateway uses a link-local address to talk to its IPv6 router. Nmap's interface matching assumes that it should send packets using a source address equal to the external address of the interface it's sending on, which is wrong in this case.

I made this patch, which uses the operating system to get the source address, "connecting" a datagram socket and then using getsockname. This is what is done in the source of the ping6 program, which I found worked after I changed my configuration to match Patrik's.

http://opensource.apple.com/source/network_cmds/network_cmds-329.2.2/ping6.tproj/ping6.c

This doesn't have an effect on Linux, where we use rtnetlink for routing.

David Fifield

Attachment:
0001-Use-getsockname-to-get-source-addresses.patch
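
The technique the message describes, "connecting" a datagram socket and reading the kernel's choice back with getsockname, as an added example; it is not the attached patch, Nmap's code, or ping6's code. The function name `route_source_addr` is hypothetical, and the example goes beyond the IPv6 case in the thread by accepting IPv4 literals as well.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L  /* expose getaddrinfo/getnameinfo */
#endif
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Ask the kernel which source address it would use to reach dst, a numeric
 * IPv4/IPv6 literal (a "%scope" suffix is accepted for link-local targets).
 * connect() on a datagram socket sends nothing; it only records the peer and
 * runs route and source-address selection. Returns 0 and fills src, else -1. */
int route_source_addr(const char *dst, char *src, size_t srclen)
{
    struct addrinfo hints, *ai;
    struct sockaddr_storage local;
    socklen_t locallen = sizeof(local);
    int fd, rc = -1;

    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_DGRAM;
    hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV;  /* never touch DNS */
    if (getaddrinfo(dst, "9", &hints, &ai) != 0)       /* port is arbitrary */
        return -1;

    fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
    if (fd >= 0) {
        if (connect(fd, ai->ai_addr, ai->ai_addrlen) == 0 &&
            getsockname(fd, (struct sockaddr *)&local, &locallen) == 0 &&
            getnameinfo((struct sockaddr *)&local, locallen, src, srclen,
                        NULL, 0, NI_NUMERICHOST) == 0)
            rc = 0;
        close(fd);
    }
    freeaddrinfo(ai);
    return rc;
}

int main(int argc, char **argv)
{
    char src[128];
    const char *dst = argc > 1 ? argv[1] : "::1";  /* constructed default */

    if (route_source_addr(dst, src, sizeof(src)) != 0) {
        fprintf(stderr, "no route or bad address: %s\n", dst);
        return 1;
    }
    printf("%s -> source %s\n", dst, src);
    return 0;
}
```
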