Re: nmap hang due to bind failed

[Daniel Miller <bonsaiviking () gmail com>]

On Wed, Jan 14, 2015 at 11:31 PM, 泰森 <24123782 () qq com> wrote:

> Hi, all:
>    First, I'm not sure if somebody has reported this issue.
>    When I use nmap 6.47 to scan my hosts, sometimes nmap never quit.
>    Here is my command: nmap -Pn -O -sT -sV --version-intensity 4
> 10.18.209.151 -e eth1 -T 3 --max-retries 5 --min-rate 250 --min-parallelism
> 100 -n -oX /tmp/logs/nmap_test.log --open
> ‍
>   Here are some parts of nmap output:
>
>   NSOCK ERROR [80.7190s] mksock_bind_addr(): Bind to 0.0.0.0:443 failed
> (IOD #15): Address already in use (98)
Ricky,

Thanks for this detailed bug report. From the backtrace you gave, it looks
like Nmap is waiting for a reply somewhere in an NSE script. Since you gave
the -sV option and no other script options, the script is probably one with
a "version" category. My guess is it's the rpc-grind.nse.

If you run with the -d2 option, then pressing any key during an NSE phase
will give a traceback of all the currently running scripts. Please run your
scan with -d2 and then reply with the tracebacks you see.

I think that the error message is not really the problem: several
RPC-related scripts attempt to bind to a low-numbered port to bypass some
security checks in NFS. More likely, there is a service that is
unresponsive and a script that is using the default 30-second timeout,
which can result in very long wait times for script completion.

Dan

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/