Re: disable valid IPv4 address check to allow scanning Hamachi (5.0.0.0/8) targets?

[David Fifield <david () bamsoftware com>]

On Sat, Apr 02, 2011 at 02:51:21PM -0700, Brolin Empey wrote:
> When I try scanning an Hamachi client’s 5.0.0.0/8 IP address, nmap
> states “doArp can only handle IPv4 addresses” and aborts.  I know
> this is because Hamachi’s assignment of 5.0.0.0/8 IP addresses is
> unofficial, but it would be nice if the valid IPv4 address check
> could be disabled so Hamachi clients and other hosts with
> unofficially-assigned IP addresses could still be scanned.
>
> I searched for a solution/workaround but only found discussions
> about Hamachi’s unofficial IP address assignments, not any way to
> scan Hamachi clients.
>
> I do not think these details matter in this case, but I am currently
> using nmap v5.50 on Windows 7 Professional IA-32.

There must be something else going wrong, because I can ARP scan
5.0.0.0/8 with

/sbin/ifconfig eth0:1 5.1.2.3 netmask 255.0.0.0
nmap -PR 5.0.0.0/8 --packet-trace

Windows might be an issue. I'm not familiar with Hamachi, but if it
creates a pseudo-interface, it probably won't work on Windows. (Because
Windows lacks support for raw sockets, we can only do raw scans on
Ethernet devices.) However, if that's the case, then the error message
is misleading.

Please send the output of "nmap --iflist".

As a workaround you can try using the --unprivileged option to use plain
TCP connect scan.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/