Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Wild TTL value

From: David Fifield <david () bamsoftware com>
Date: Wed, 1 May 2013 14:40:09 -0700
On Wed, May 01, 2013 at 11:35:47PM +0200, Gisle Vanem wrote:

"David Fifield" <david () bamsoftware com> wrote:


Could you check if it changes the default TTL behavior on Linux?


And incidentally, what was actual TTL sent on the network on Windows
before and after this patch?


It seems to be using 64 mostly (initially?). 45 some other times
(from a quikc test with tcpdump on the side). Probably some Winsock
sense behind this. But I have no docs on that.

On Linux, I have no clue what initial TTL it uses. I don't have
Linux here.


Okay. If not from you though, I need before-and-after default TTLs from
somebody, for a connect scan on Linux and Windows. Or I'm going to
forget the patch.

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: