Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Nmap 6.25 (possible) bug report

From: Beppe Baschieri <baschieri () intercom it>
Date: Fri, 14 Feb 2014 16:53:24 +0100
Installed current
# emerge =nmap-6.40

- same behavior reported for 6.25 occurred
- all the other options and scan-type (normally used by me) seems OK for both 6.25 and 6.40 


On 2014-02-14 12:11, John Bond wrote:

What are the results with the  current release 6.40?

-----Original Message-----
From: Beppe Baschieri <baschieri () intercom it>
Reply-To: <baschieri () intercom it>
Date: Thursday 13 February 2014 15:47
To: <dev () nmap org>
Subject: Nmap 6.25 (possible) bug report


Nmap 6.25
Gentoo 3.8.13-gentoo

sending the following command (to test a firewall rules matching with
<syn> session init)
# nmap -e eth0 -Pn -S 10.209.12.24 10.209.17.239 -p 80
I can't see the <syn> packet arriving on fw node

analyzing with tcpdump I find out this ARP request, related to the
execution of the below command, as it is trying to send the packet to
the local vlan instead to sent it to the gw
15:35:26.498921 ARP, Request who-has 10.209.17.239 (ff:ff:ff:ff:ff:ff) 
tell 10.209.12.24, length 28
15:35:26.699203 ARP, Request who-has 10.209.17.239 (ff:ff:ff:ff:ff:ff) 
tell 10.209.12.24, length 28

The same command
# nmap -e eth0 -Pn -S 10.209.12.24 10.209.17.239 -p 80
works perfectly on another machine, a Debian 3.2 system with Nmap 6.00 

Best regards.

Beppe Baschieri
-
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: