Nmap Development mailing list archives

re: RPC anomaly/etc


From: "Mike ." <dmciscobgp () hotmail com>
Date: Mon, 14 Dec 2015 06:04:21 +0000

so after looking at this more closely, but still perplexed, i notice 2 things that might or might not be important. for 
whatever reason, when i use the nmap MSRPC enum script, the TTL starts out at 40, but ends up being 128 after i send 
out the RST. not sure i get that. is it being that the 128 is my own box generating that RST from the stack as opposed 
to the NMAP utility handling it?


lastly, the MSS seems to be sent by NMAP as 1024, i believe. is that too small? when i use RPCDUMP it creates a much 
larger value to handle all that endpoint data coming back. is this a bug that NMAP is setting this scale value too 
small? i'm just guessing at all this. i am more a novice, i'll admit


ty

Mike
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
