Nmap Development mailing list archives
Bug in nmap parallel resolver (dns) on Windows
From: "Frazier, Kenneth B" <kenneth.b.frazier () spiritaero com>
Date: Wed, 6 Feb 2013 15:20:49 -0600
I've found an issue while running both nmap 6.01 and 6.25 where the parallel resolver function is attempting to reverse lookup ip addresses using dns servers that were last assigned to an adapter/network interface that is no longer active. For example, if I have an Ethernet port, a wireless port, and a USB port, if any of them are disabled or disconnected but have been previously connected to a network, the Windows registry maintains the adapters last DHCP assigned DNS servers, and parallel resolution will attempt to send queries to those addresses. If I force the use of -system-dns, nmap does not generate these [invalid] reverse lookups. I am capturing this activity via Wireshark. I noticed the behavior when trying to troubleshoot a problem with scans that started taking too long, shortly after connecting to a new network interface (temporarily). I am running Windows 7 SP1 X64, and an only using the IPv4 stack. IPv6 has been disabled. Ken Frazier, CISSP Associate Technical Fellow +1 (316) 393-9453 Investigations & Cyber Intelligence Security, Governance, Risk and Compliance Spirit AeroSystems, Inc. P.O. Box 780008 | M/C: K66-22 | Wichita, KS 67278-0008 <mailto:kenneth.b.frazier () spiritaero com> kenneth.b.frazier () spiritaero com
Attachment:
smime.p7s
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Bug in nmap parallel resolver (dns) on Windows Frazier, Kenneth B (Feb 06)
- Re: Bug in nmap parallel resolver (dns) on Windows David Fifield (Mar 03)
- RE: Bug in nmap parallel resolver (dns) on Windows Frazier, Kenneth B (Mar 04)
- Re: Bug in nmap parallel resolver (dns) on Windows David Fifield (Mar 04)
- RE: Bug in nmap parallel resolver (dns) on Windows Frazier, Kenneth B (Mar 04)
- Re: Bug in nmap parallel resolver (dns) on Windows David Fifield (Mar 03)