Nmap Development mailing list archives

Re: Who is testing the new Nmap IPv6 support


From: David Fifield <david () bamsoftware com>
Date: Fri, 24 Jun 2011 21:48:17 -0700

On Mon, Jun 13, 2011 at 09:57:31PM +0200, Patrik Karlsson wrote:
> On Jun 13, 2011, at 9:46 PM, David Fifield wrote:
>> On Sun, Jun 12, 2011 at 09:25:57PM +0200, Patrik Karlsson wrote:
>>> On Jun 11, 2011, at 12:08 PM, Fyodor wrote:
>>>> When we released the new IPv6 improvements (Nmap 5.52.IPv6.Beta2) on
>>>> Wednesday we received tons of attention on the social networks, but
>>>> very few bug reports.  Maybe that means it is working great for
>>>> everyone, or perhaps it means that more people retweeted it than
>>>> actually try it.  Is anyone here using the IPv6 support and can you
>>>> post a description of how it is working for you?
>>>
>>> I did some quick tests against both the scanme site and my own LAN systems.
>>> For me connect scanning works, but SYN-scanning does not. It returns all ports as filtered.
>>> Based on the results captured with tcpdump, no responses are returned from the scanned host.
>>>
>>> I'm on a Mac running OS X 10.6.7.
>>
>> Can you tell if Nmap is using the correct source address and interface?
>> Does it work if you force it with -S and -e?
>
> Using -S it does, but not using -e.

I set up a configuration like Patrik's and was able to reproduce this.
His computer's default gateway uses a link-local address to talk to its
IPv6 router. Nmap's interface matching assumes that it should send
packets using a source address equal to the external address of the
interface it's sending on, which is wrong in this case.

I made this patch, which uses the operating system to get the source
address, "connecting" a datagram socket and then using getsockname. This
is what is done in the source of the ping6 program, which I found worked
after I changed my configuration to match Patrik's.
http://opensource.apple.com/source/network_cmds/network_cmds-329.2.2/ping6.tproj/ping6.c

This doesn't have an effect on Linux, where we use rtnetlink for
routing.

David Fifield

Attachment: 0001-Use-getsockname-to-get-source-addresses.patch
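The source-address trick David describes (connect a datagram socket to the target and read the local end back with getsockname) in a stand-alone C program. This is an added example, not the attached patch and not Nmap or ping6 code; it goes slightly beyond the message by accepting IPv4 as well as IPv6 literals, and the function names, the default target ::1 and the use of port 9 are assumptions of this example. No packet is sent: connect() on a UDP socket only records the peer, which is enough for the kernel to pick the route and the source address it would use, including a link-local one where the route calls for it.

```c
#define _POSIX_C_SOURCE 200112L
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <unistd.h>

/* Ask the kernel which source address it would use to reach dst by
 * "connecting" a UDP socket (no packet leaves the host) and reading the
 * local end back with getsockname(). Accepts IPv4 or IPv6 literals.
 * Returns 0 and writes the textual address into out on success, -1 on
 * error (unparseable literal, no route, socket failure). */
int source_addr_for(const char *dst, char *out, size_t outlen)
{
    struct addrinfo hints, *res = NULL;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_DGRAM;
    hints.ai_flags = AI_NUMERICHOST;   /* literals only, never DNS */
    /* Port 9 is arbitrary (assumption): for a datagram socket connect()
     * only sets the peer, so the port never matters for route selection. */
    if (getaddrinfo(dst, "9", &hints, &res) != 0 || res == NULL)
        return -1;

    int rc = -1;
    int fd = socket(res->ai_family, SOCK_DGRAM, 0);
    if (fd < 0) {
        freeaddrinfo(res);
        return -1;
    }

    if (connect(fd, res->ai_addr, res->ai_addrlen) == 0) {
        struct sockaddr_storage local;
        socklen_t len = sizeof local;
        if (getsockname(fd, (struct sockaddr *)&local, &len) == 0) {
            const void *src = NULL;
            if (local.ss_family == AF_INET)
                src = &((struct sockaddr_in *)&local)->sin_addr;
            else if (local.ss_family == AF_INET6)
                src = &((struct sockaddr_in6 *)&local)->sin6_addr;
            if (src != NULL && inet_ntop(local.ss_family, src, out, outlen) != NULL)
                rc = 0;
        }
    }
    close(fd);
    freeaddrinfo(res);
    return rc;
}

/* Convenience check: 1 if the kernel-chosen source for dst equals expected. */
int source_addr_is(const char *dst, const char *expected)
{
    char buf[INET6_ADDRSTRLEN];
    return source_addr_for(dst, buf, sizeof buf) == 0 && strcmp(buf, expected) == 0;
}

int main(int argc, char **argv)
{
    /* Default target is the IPv6 loopback (assumption); pass another literal as argv[1]. */
    const char *dst = argc > 1 ? argv[1] : "::1";
    char buf[INET6_ADDRSTRLEN];
    if (source_addr_for(dst, buf, sizeof buf) != 0) {
        fprintf(stderr, "no usable source address for %s\n", dst);
        return 1;
    }
    printf("source address for %s: %s\n", dst, buf);
    return 0;
}
```

Run it with a link-local or global IPv6 target on the host in question and compare the printed address with what a guess based on the interface's external address would give; in the configuration David describes (default gateway reached over a link-local address) the two differ, and the kernel's answer is the one a raw-socket scan has to use for replies to come back.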

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
