Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: "dnet: Failed to open device" errors on AIX, as root

From: Ben Lentz <ben.lentz () gmail com>
Date: Wed, 21 Nov 2012 21:19:37 -0500
This is difficult to diagnose because we can't reproduce it. The reason
it fails only for on-link targets is because it's trying to do ARP scan,
which requires sending via an Ethernet handle, which is the part that's
failing. As a workaround, you can try the --send-ip option.

Here are some other things you can try:

Do you have /dev/bpf* devices?

Try running "sudo truss nmap --route-dst 10.0.17.1" and sending us the
truss log. This will show if there is a system call that is failing and
causing the error.

David Fifield


Thanks for your reply, David!
- Using --send-ip looks like it's able to work around this problem... I am able to complete scans on the system using --send-ip against the local 10.0.17.0/24 network. - My AIX 6.1 TL7 SP5 does appear to have /dev/bpf[0-3], as character devices, owned by root.system (0:0), with permission mode 0400. 
- I will attach the gzipped truss output from the following two commands:
$ sudo truss -wall -rall -f /opt/local/nmap/bin/nmap --route-dst 10.0.17.1 2>&1 | gzip >nmap-route-dst.truss.gz $ sudo truss -wall -rall -f /opt/local/nmap/bin/nmap -sS 10.0.17.1 2>&1 | gzip >nmap-sS.truss.gz
It's about 400kb of data, I hope that's not inappropriate for the mailing list. 

If you need different truss output, let me know.

Attachment: nmap-route-dst.truss.gz
Description:

Attachment: nmap-sS.truss.gz
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: