Nmap Development mailing list archives

NMAP crash -- more

From: starlight.2012q3 () binnacle cx
Date: Thu, 13 Sep 2012 05:23:39 -0400

Ran it a couple of more times with -d
thrown in.

Actually the -e eth4 -S 172.29.86.4
options may be related to the problem.

At the point where the message

   WARNING: RST from 58.218.199.250 port 1 -- is this port really open?

appears, 'nmap' switches from using the
supplied -S 172.29.86.4 to using the
interface and address associated with the
normal default route 172.29.79.1
(per 'tcpdump').

Certainly that behavior would appear
incorrect.  The -S value and -e interface
should always be used as the source
address by all tests when --send-eth
is in effect.

Here

   ulimit -H -n 4096

was set and it blew when the socket
count reached that maximum.

Output is attached.

Attachment: nmap_crash4.txt
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

NMAP crash -- more starlight . 2012q3 (Sep 13)
- <Possible follow-ups>
- Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
- NMAP crash -- more starlight . 2012q3 (Sep 13)
  - Re: NMAP crash -- more David Fifield (Sep 13)
    - Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
    - Re: NMAP crash -- more David Fifield (Sep 13)
    - Re: NMAP crash -- more starlight . 2012q3 (Sep 13)
    - Re: NMAP crash -- more Fyodor (Sep 17)
    - Re: NMAP crash -- more David Fifield (Sep 18)
    - Re: NMAP crash -- more David Fifield (Sep 26)
    - Re: NMAP crash -- more starlight . 2012q3 (Sep 26)
    - Re: NMAP crash -- more David Fifield (Sep 26)