Nmap Development mailing list archives
Re: Force TCP traceroute
From: Jacek Wielemborek <d33tah () gmail com>
Date: Fri, 16 Oct 2015 16:27:23 +0200
W dniu 16.10.2015 o 15:35, Jochen Bartl pisze:
Hi *, is there a way to have Nmap traceroute to a host via TCP even though the destination port is filtered and the host scan was intentionally disabled? After searching the mailinglist archive and having had a look at traceroute.cc I couldn't find a solution. In traceroute.cc [1] it seems like that an ICMP/echo traceroute is implicitly chosen if the host scan is disabled. My impression of "nmap -sS -n -Pn -p 443 --traceroute w.x.y.z" was that if the host scan is disabled, Nmap would just use TCP syn packets to get to the destination. I would like to be able to trace the path via TCP-syn packets to figure out, which firewall in the path is most likely filtering the packets. If that's not possible right now, maybe you could add it to the feature requests queue ;-) I thought about an --ignore-probe-result option, but didn't make a patch, because I'm neither familiar with c nor c++ and would like to spare you my copy&paste coding results. Thanks and best regards, Jochen 1) https://github.com/nmap/nmap/blob/master/traceroute.cc#L616-L622
To the best of my knowledge, Nmap is trying to use the best probe it found during host discovery. Perhaps adding -PS443 would make it use this protocol?
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Force TCP traceroute Jochen Bartl (Oct 16)
- Re: Force TCP traceroute Jacek Wielemborek (Oct 16)
- Re: Force TCP traceroute Jochen Bartl (Oct 16)
- Re: Force TCP traceroute Jacek Wielemborek (Oct 16)
- Re: Force TCP traceroute Jochen Bartl (Oct 16)
- Re: Force TCP traceroute Jochen Bartl (Oct 16)
- Re: Force TCP traceroute Jacek Wielemborek (Oct 16)
- Re: Force TCP traceroute Fyodor (Oct 17)
- Re: Force TCP traceroute Jochen Bartl (Oct 18)