Nmap Development mailing list archives

attn RON re: DHCP script


From: "Mike ." <dmciscobgp () hotmail com>
Date: Tue, 15 Dec 2015 15:05:26 +0000

group/Ron Bowes


I tried to locate a direct email for you to no avail. Simple question here. When I fire off your DHCP discovery script,
I notice it sends not only your legit packet with all the proper params, but before that, it fires off either an empty
or MALFORMED payload first. I am guessing this is just to see if you'll get an ICMP unreachable back (test purposes)? 2
questions here: why the need for the extra overhead involving 2 packets? Would you not get the same effect with just 1
VALID payload packet being sent? And that would also have me say for part 2, if it is malformed in the beginning, would
it not be dropped by said target anyway? Examples below and thank you.


Mike



1st pkt sent=empty/malformed:


[Malformed Packet: BOOTP/DHCP]
    [Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]
        [Malformed Packet (Exception occurred)]
        [Severity level: Error]
        [Group: Malformed]


proper one after:

Client IP address: 192.168.0.16 (192.168.0.16)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: 00:1c:25:74:ab:e1 (00:1c:25:74:ab:e1)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (Inform)
    Length: 1
    DHCP: Inform (8)
Option: (55) Parameter Request List
    Length: 61
    Parameter Request List Item: (1) Subnet Mask
    Parameter Request List Item: (2) Time Offset .........................(snipped)


and the cmd I am using:
nmap -v -n -Pn --reason -T4 -p 67 -sU --max-retries 1 --script=dhcp-discover 192.168.0.10





