Nmap Development mailing list archives

Re: Re[2]: Nmap 6.47 works incorrectly in Solaris 10

From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 21 May 2015 11:55:10 -0500

Luong,

Thanks, that's really useful information! I wonder if there's a routing
problem for some reason, or if Nmap is picking the wrong interface? You can
check this by doing:

nmap --route-dst 192.168.89.10

If this gives something you don't expect (like using the wrong interface or
source address), then please send that and the output of

nmap --iflist

along with what you think is wrong with the output.

Otherwise, there may be a problem with how we are capturing the ARP
replies. Is there any way you can include a pcap of just the ARP traffic
sent and received during a scan of one of the problem targets? This is how
I would expect to do it, but you may need to change your commands based on
what's available:

tcpdump -n -i bge0 -w solaris-arp-bug.pcap -- arp &
nmap -sn -n -d 192.168.89.10

Thanks!
Dan

On Thu, May 21, 2015 at 9:10 AM, Luong Nguyen <lucasart1989 () gmail com>
wrote:

Hi Dan,
Nmap on solaris can only detect solaris hosts include both sparc and x86.
All hosts on same subnet include: nmap tool , vmware machines, PCs ,
router, L2/L3 switch...

I can ssh,ping and manage many hosts from solaris machine.

A good new for you. I used --send-ip option in the nmap command and it
works correctly but i have a confuse the behavior of nmap on solaris is
difference with linux and windows platforms.I do not need add --send-ip
option.

Kind regards,
Luong Nguyen

Sent from myMail for iOS


Thursday, May 21, 2015, 20:33 +0700 from Daniel Miller <
bonsaiviking () gmail com>:

 Luong,

Sorry about the long silence. I've filed this as a bug report on our
tracker: http://issues.nmap.org/124

One thing I notice about the output you gave me: The hosts that Solaris
*is* able to detect all have Oracle or VMware OUIs (MAC address vendor),
whereas the Linux scanner sees hosts with Cisco, HP, Dell, etc. Are these
targets Solaris machines, too? If so, are any Solaris machines missed by
the Solaris scanner?

Apart from Nmap, are you able to contact (ping, ssh, or anything) the
missed hosts from the Solaris machine?

Thanks for any further details you can add.

Dan

On Thu, Apr 2, 2015 at 9:38 PM, Luong Nguyen <lucasart1989 () gmail com
<https://e-aj.my.com/compose/?mailto=mailto%3alucasart1989 () gmail com>>
wrote:

1. Output of nmap --version
bash-3.2# ./nmap -v

Starting Nmap 6.47 ( http://nmap.org ) at 2015-04-02 21:57 EDT
Read data files from: .
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.19 seconds
           Raw packets sent: 0 (0B) | Rcvd: 0 (0B)


2. Output of your command with -d
attach file

3. Can nmap find the missing hosts if scanning them individually? Like if
192.168.89.10 is shown in the Linux scan, on Solaris do: nmap -sn -d
192.168.89.10
attach file

4. Is there anything special or unique about your system or network? Are
you running as root, or in a zone, or on a VM?
I run all command with root user
SunOS qipsun34 5.10 Generic_147147-26 sun4u sparc SUNW,Sun-Fire-V210
all hosts connected to a switch no firewall

5. Does the problem persist with the latest development tree in
subversion? svn co https://svn.nmap.org/nmap
Yes

Thanks,
Luong Nguyen

2015-04-02 15:28 GMT-04:00 Daniel Miller <bonsaiviking () gmail com
<https://e-aj.my.com/compose/?mailto=mailto%3abonsaiviking () gmail com>>:

Luong,

Thanks for bringing this up. We have several fixes in our development
source tree for issues on Solaris, but none with the symptom you described.
Can you provide some more information so we can debug?

1. Output of nmap --version

2. Output of your command with -d

3. Can nmap find the missing hosts if scanning them individually? Like if
192.168.89.10 is shown in the Linux scan, on Solaris do: nmap -sn -d
192.168.89.10

4. Is there anything special or unique about your system or network? Are
you running as root, or in a zone, or on a VM?

5. Does the problem persist with the latest development tree in
subversion? svn co https://svn.nmap.org/nmap

Thanks,
Dan

On Thu, Apr 2, 2015 at 12:10 PM, Luong Nguyen <lucasart1989 () gmail com
<https://e-aj.my.com/compose/?mailto=mailto%3alucasart1989 () gmail com>>
wrote:

Hi Dev,

I using nmap6.47 for testing in Solaris 10.
Run command: nmap -sP 192.168.89.0/24
But it only detect 4 hosts up on my subnet
On Linux, nmap detects 60 hosts up on same subnet.

Could you please help to check this issue?

Thanks,
Luong Nguyen.

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Nmap 6.47 works incorrectly in Solaris 10 Luong Nguyen (Apr 02)
- Re: Nmap 6.47 works incorrectly in Solaris 10 Daniel Miller (Apr 02)
  - Message not available
    - Re: Nmap 6.47 works incorrectly in Solaris 10 Daniel Miller (May 21)
    - Message not available
    - Re: Re[2]: Nmap 6.47 works incorrectly in Solaris 10 Daniel Miller (May 21)
    - Message not available
    - Re: Re[2]: Re[2]: Nmap 6.47 works incorrectly in Solaris 10 Daniel Miller (May 21)
    - Re: Re[2]: Re[2]: Nmap 6.47 works incorrectly in Solaris 10 Luong Nguyen (May 22)
    - Re: Re[2]: Re[2]: Nmap 6.47 works incorrectly in Solaris 10 Daniel Miller (May 22)
    - Re: Re[2]: Re[2]: Nmap 6.47 works incorrectly in Solaris 10 Luong Nguyen (May 22)
    - Re: Re[2]: Re[2]: Nmap 6.47 works incorrectly in Solaris 10 Daniel Miller (May 22)
    - Re[2]: Re[2]: Re[2]: Nmap 6.47 works incorrectly in Solaris 10 Luong Nguyen (May 22)
    - Re: Re[2]: Re[2]: Re[2]: Nmap 6.47 works incorrectly in Solaris 10 Daniel Miller (May 23)