-sO for IPv6

[David Fifield <david () bamsoftware com>]

I've just added support for -6 -sO (IPv6 protocol scan). This works by
scanning all 256 possible values of the Next Header field, which is
analogous to the Protocol field in IPv4. Instead of ICMP Protocol
Unreachable to mean a closed protocol, it uses ICMPv6 Parameter Problem,
Unrecognized Next Header. Here is the output of scanning scanme.

# nmap -sO -6 scanmev6.nmap.org --reason
Nmap scan report for scanmev6.nmap.org (2600:3c01::f03c:91ff:fe93:cd19)
Host is up, received echo-reply (0.013s latency).
Scanned at 2011-06-14 12:37:50 PDT for 382s
Not shown: 241 closed protocols
Reason: 241 param-problems
PROTOCOL STATE         SERVICE    REASON
0        open|filtered hopopt     no-response
4        open|filtered ip         no-response
6        open          tcp        proto-response
17       open          udp        port-unreach
41       open|filtered ipv6       no-response
43       open|filtered ipv6-route no-response
44       open|filtered ipv6-frag  no-response
50       open|filtered esp        no-response
51       open|filtered ah         no-response
58       open          ipv6-icmp  proto-response
59       open|filtered ipv6-nonxt no-response
60       open|filtered ipv6-opts  no-response
108      open|filtered ipcomp     no-response
132      open|filtered sctp       no-response
136      open|filtered udplite    no-response

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/