Re: FW: urgent issue with ipv6 nmap scan

[Angelina Fernandes <angelina_fernandes () persistent co in>]

There was no Dos configuration. IPV6 scanning required the VM(source) from which scan was performed to have ipv6 
address configured..
I can do a scan now. However it taking me lot of time to respond.
Scan of a single ipv6 with -6 and -Pn for all ports takes 202.50 secs. And I need to scan /64 subnet.
Any help to fasten this scan would be appreciated.


-----Original Message-----
From: dev [mailto:dev-bounces () nmap org] On Behalf Of Raul Fuentes
Sent: Thursday, April 17, 2014 1:27 PM
Cc: dev () nmap org<mailto:dev () nmap org>
Subject: Re: FW: urgent issue with ipv6 nmap scan

2014-04-16 6:04 GMT+02:00 Angelina Fernandes <
angelina_fernandes () persistent co in<mailto:angelina_fernandes () persistent co in>>:

> I have a requirement to scan ipv6 ranges. Example;
> 2607:f0d0:1104:00ac:0000:0000:0000:0000/64
> I downloaded nmap6.4 since my older version was not supporting ipv6 ranges.
> However I am getting error, even for simple scan without cidr.
> nmap -6 2607:f0d0:1104:ac:ffff:ffff:ffff:ffff
> setup_target: failed to determine route to
> 2607:f0d0:1104:ac:ffff:ffff:ffff:ffff
> Read from /usr/local/bin/../share/nmap: nmap-services.


With Nmap 6.40 seem to be working fine, however, if you do a very VERY big sweep scan like the one you are displaying 
probably your device will not have enough memory (I have been exhausted 8 GB of RAM  .

Now the the "setup_target: failed to determine route to 2607:f0d0:1104:ac:ffff:ffff:ffff:ffff"  say  too much 
information to me, I haven seen it before when was running  scans and accidentally made some DoS.

The message mean, the Routers are send you a ICMPv6 Route unreachable message, this can be due the IPv6 sub-network 
don't exist or you already provoke a DoS  on the router with that big scan range.

The DoS Risk is explain here: http://tools.ietf.org/html/rfc6583


> WARNING: No targets were specified, so 0 hosts scanned.
> Nmap done: 0 IP addresses (0 hosts up) scanned in 0.04 seconds Raw
> packets sent: 0 (0B) | Rcvd: 0 (0B) I am running nmap on linux.
> Can you please help me with this?
>
>
> From: Fyodor [mailto:fyodor () nmap org]<mailto:[mailto:fyodor () nmap org]>
> Sent: Tuesday, April 15, 2014 11:48 PM
> To: Angelina Fernandes
> Subject: Re: urgent issue with ipv6 nmap scan
>
> On Tue, Apr 15, 2014 at 3:01 AM, Angelina Fernandes <
> angelina_fernandes () persistent co in<mailto<mailto:angelina_fernandes () persistent co in%3cmailto>:
> angelina_fernandes () persistent co in<mailto:angelina_fernandes () persistent co in>>> wrote:
>
>
> I have a requirement to scan ipv6 ranges. I downloaded nmap6.4.
> However I am getting error, even for simple scans without cidr.
> setup_target: failed to determine route to ipv6 address.
>
> Can you please help me with this?
>
> Thanks for your question, suggestion, or report, but I think your best
> bet is to resend it to the Nmap development mailing list (dev () nmap org<mailto<mailto:dev () nmap org%3cmailto>:
> dev () nmap org<mailto:dev () nmap org>>) instead.  That list is preferable for a few reasons:
>
> o It has more than 2,000 members, so someone else may be able to
> resolve your question or issue instead of or more quickly than I can.
>
> o Answers are archived at http://SecLists.Org and indexed by search
> engines, which reduces the number of times we have to answer the same
> questions.
>
> o We use the mailing list to track issues which need to be resolved.
>
> You are most likely to get an answer if your email includes all
> relevant details.  See http://insecure.org/nmap/man/man-bugs.html for
> the type of information which is frequently useful.
>
> You can send a mail to the list without subscribing, but you will then
> need to read the archive at http://seclists.org/nmap-dev/ so you don't
> miss replies.  Your best bet is to subscribe first at
> http://nmap.org/mailman/listinfo/dev.
>
> Sorry for the form letter, but there are millions of Nmap users and I
> can't support them all myself.  But I and many other developers and
> volunteers track the Nmap dev list closely.
>
> Cheers,
> Fyodor
>
>
>
> DISCLAIMER
> ==========
> This e-mail may contain privileged and confidential information which
> is the property of Persistent Systems Ltd. It is intended only for the
> use of the individual or entity to which it is addressed. If you are
> not the intended recipient, you are not authorized to read, retain,
> copy, print, distribute or use this message. If you have received this
> communication in error, please notify the sender and delete all copies of this message.
> Persistent Systems Ltd. does not accept any liability for virus
> infected mails.
>
> _______________________________________________
> Sent through the dev mailing list
> http://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/



--
Ate. Raul FUENTES
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is 
intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, 
you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this 
communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does 
not accept any liability for virus infected mails.

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/