Re: operation now in progress??

[Daniel Miller <bonsaiviking () gmail com>]

On Sun, Feb 8, 2015 at 8:22 AM, Mike . <dmciscobgp () hotmail com> wrote:

> so why am i seeing this? i understand limitations on a win box when it
> somes to connect scans for localhost but this was when i was scanning my
> local router and TIVO boxes. should i not be seeing the same standard
> output in -packet-trace i would normally see in any other scan? meaning the
> normal packet data? i get this instead
>
> CONN (11.9240s) TCP localhost > 192.168.0.10:5280 => Operation now in
> progress
> CONN (11.9260s) TCP localhost > 192.168.0.10:6779 => Operation now in
> progress
> CONN (11.9270s) TCP localhost > 192.168.0.10:1163 => Operation now in
> progress
> CONN (11.9270s) TCP localhost > 192.168.0.10:6881 => Operation now in
> progress
> CONN (11.9280s) TCP localhost > 192.168.0.10:4449 => Operation now in
> progress (then it hangs on close)
>
> normal? running latest version
>
> m|ke
Mike,

Because TCP Connect scan is oriented around sockets and connections instead
of packets, we can only print information about those connections according
to the information that the socket library calls return. I did look into
this further and improve these --packet-trace outputs in r34033. Now they
look like this:

 $ ./nmap -sT --packet-trace scanme.nmap.org -p19,22,23 -n

Starting Nmap 6.47SVN ( http://nmap.org ) at 2015-02-19 20:57 UTC
CONN (0.0365s) TCP localhost > 74.207.244.221:80 => Operation now in
progress
CONN (0.0366s) TCP localhost > 74.207.244.221:443 => Operation now in
progress
CONN (0.0753s) TCP localhost > 74.207.244.221:443 => Connection refused
CONN (0.0756s) TCP localhost > 74.207.244.221:22 => Operation now in
progress
CONN (0.0756s) TCP localhost > 74.207.244.221:23 => Operation now in
progress
CONN (0.0757s) TCP localhost > 74.207.244.221:19 => Operation now in
progress
CONN (0.1141s) TCP localhost > 74.207.244.221:22 => Connected
CONN (0.1166s) TCP localhost > 74.207.244.221:23 => Connection refused
CONN (1.2047s) TCP localhost > 74.207.244.221:19 => Operation now in
progress
Nmap scan report for scanme.nmap.org (74.207.244.221)
Host is up (0.039s latency).
PORT   STATE    SERVICE
19/tcp filtered chargen
22/tcp open     ssh
23/tcp closed   telnet

Nmap done: 1 IP address (1 host up) scanned in 1.33 seconds

You can see that each connection gets a "Operation now in progress"
indication, followed by another line with the actual "error" string. Port
19 timed out and was retried, so you can see that there were 2 "in
progress" lines. On some platforms (Solaris, for one), the initial connect
call can block or return with a final result, so you may not see the "in
progress" line every time.

Dan

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/