Nmap Development mailing list archives
re: RPC anamoly/etc
From: "Mike ." <dmciscobgp () hotmail com>
Date: Mon, 14 Dec 2015 06:04:21 +0000
so after looking at this more closely, but still perplexed, i notice 2 things that might or might not be important. for whatever reason, when i use the nmap MSRPC enum script, the TTL starts out at 40, but ends up being 128 after i send out the RST. not sure i get that. is it being that the 128 is my own box generating that RST from the stack as opposed to the NMAP utility handling it? lastly, the MSS seems to be sent by NMAP as 1024, i beleive. is that too small? when i use RPCDUMP it creates a much larger value to handle all that endpoint data coming back. is this a bug that NMAP is setting this scale value too small? i'm just guessing at all this. i am more a novice, i'll admit ty Mike
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- re: RPC anamoly/etc Mike . (Dec 13)