Nmap Development mailing list archives
Re: NMAP crash -- more
From: David Fifield <david () bamsoftware com>
Date: Wed, 26 Sep 2012 18:04:07 -0700
On Tue, Sep 18, 2012 at 02:37:44PM -0700, David Fifield wrote:
On Mon, Sep 17, 2012 at 01:21:11PM -0700, Fyodor wrote:On Thu, Sep 13, 2012 at 01:29:07PM -0700, David Fifield wrote:I think this is unrelated to the problem of exceeding the socket limit. OS detection seems to ignore -S the same way it ignores -g and other options. See http://nmap.org/book/man-bypass-firewalls-ids.html. Ignoring -S is probably a bug. But I think you will see the same during OS detection against any host, not just this one that is exceeding the socket limit.For what it is worth, -S seems to work with -O in my quick testing. For example, I did this on my Linux box with latest svn: ./nmap -S 127.0.0.2 -p8080,2000 -O localhost -e lo --packet-trace And all of the sent packets came from 127.0.0.2.I see. Maybe the problem then is not in OS scan but in Nsock. starlight needs different source addresses on different interfaces. In Nsock we bind to a source address, but we don't use the SO_BINDTODEVICE sockopt to force a particular interface. Nsock seemst o do the right thing when I try 127.0.0.2 as in your test, but it might be only because 127.0.0.1 and 127.0.0.2 are both on the lo interface, so SO_BINDTODEVICE is not needed.
I'm thinking of applying this patch, which causes SO_BINDTODEVICE to be set everywhere we use a socket. starlight, maybe this solved the problems you were having with -S and -e? David Fifield
Attachment:
bindtodevice.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NMAP crash -- more starlight . 2012q3 (Sep 13)
- <Possible follow-ups>
- Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
- NMAP crash -- more starlight . 2012q3 (Sep 13)
- Re: NMAP crash -- more David Fifield (Sep 13)
- Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
- Re: NMAP crash -- more David Fifield (Sep 13)
- Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
- Re: NMAP crash -- more David Fifield (Sep 13)
- Re: NMAP crash -- more Fyodor (Sep 17)
- Re: NMAP crash -- more David Fifield (Sep 18)
- Re: NMAP crash -- more David Fifield (Sep 26)
- Re: NMAP crash -- more starlight . 2012q3 (Sep 26)
- Re: NMAP crash -- more David Fifield (Sep 26)