Nmap Development mailing list archives
Re: bug Nmap 5.61TEST2
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 25 Nov 2011 09:44:27 -0600
Diego, torify is a program which forces another program to use a SOCKS proxy for all of its connections. SOCKS proxies handle TCP streams, abstracting away the details of the transport, network, and link layers. Nmap requires the ability to manipulate and observe all those layers, so it will never be fully compatible with SOCKS proxies. I have been able to get Nmap to give slightly useful results (though full of warning messages) through a SOCKS proxy by using the --unprivileged flag. This tells Nmap to not use features (like OS detection, half-open SYN scanning, ICMP ping, etc) that require root privileges. In general, this limits Nmap to a TCP connect scan, which should work through a proxy, but in my experience gives only halfway-useful results (lots of false positives, if I recall correctly). Some TCP scanners do work through SOCKS proxies: Metasploit's auxiliary/scanner/portscan/tcp for one. If you want to submit a bug report for Nmap scanning through a proxy, use the --unprivileged flag and then submit your report. Any other type of scan will never be proxy-capable. Dan On Wed, Nov 23, 2011 at 4:03 PM, Diego <shaamangra () gmail com> wrote:
diego@bt:~$ uname -a Linux bt 2.6.39.4 #1 SMP Wed Aug 17 21:42:30 EDT 2011 x86_64 GNU/Linux root@bt:/home/diego# torify nmap -A xx.x.x.x Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2011-11-23 16:59 EST nmap: netutil.cc:1252: int collect_dnet_interfaces(const intf_entry*, void*): Assertion `rc == 0' failed. Aborted without the torify is fine !!! -- ** Nem o panteísmo nem a mitologia judaica são suficientes, se pretendeis explicar o mundo; antes há que encará-lo de frente.**Arthur Schopenhauer "If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds* * * *Jesus saves! The rest of us better make backups.* _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- bug Nmap 5.61TEST2 Diego (Nov 25)
- Re: bug Nmap 5.61TEST2 Daniel Miller (Nov 25)
- Re: bug Nmap 5.61TEST2 Duarte Silva (Nov 25)
- Re: bug Nmap 5.61TEST2 Daniel Miller (Nov 25)