Nmap Development mailing list archives

Re: possible bug, nmap v7.40

From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 2 Feb 2017 17:32:03 -0600

Yes, I have seen this happening. It's slowing down scans a lot, and I
suspect it has something to do with the conntrack module that is used for
the "ESTABLISHED" and "RELATED" matches, but I can't figure out what the
cause is. If you do a very slow scan (-T2) nothing goes wrong, so it's a
rate limit of some sort. We really need to figure out what the problem is
and how to work around it!

Dan

On Wed, Feb 1, 2017 at 4:33 PM, cyb <cg.venus () gmail com> wrote:

Hi,

I'm experiencing a problem using nmap (v7.40) with iptables on kali
(Debian 4.8.15-1kali1 (2016-12-23) x86_64 GNU/Linux).

I have messages like:
*sendto in send_ip_packet_sd: sendto(4, packet, 44, 0, 45.33.32.156, 16)
=> Operation not permitted*
if my firewall is activated.

I'm using VPN with OpenVPN and nmap works fine after startup with VPN ==
on and iptabels == off, but if I'm activating firewall (script vpnfw.sh
attached) nmap is sending error messages. I read about it that you need to
allow INVALID packets and I'm doing that but it doesn't help. But what is
more weired, even after I reset firewall (script fwreset.sh attached) it's
still showing me error messages. I tried to restart network services etc,
nothing helps, only PC restart.

Even after I disconnect from VPN, flush iptables, restart wlan0 interface
and network-manager, even after this nmap still sends error messages.

So, such scenario:

- PC start up.
- VPN=off,
- Firewall disabled, iptables=off.
- Nmap *OK*.
- Enabling VPN=on.
- Nmap *OK*.
- Firewall enabling, iptables=on.
- Nmap *FAIL*.
- Firewall disable, iptables=off.
- Nmap *FAIL*.
- Disabling VPN=off
- Nmap *FAIL*.
- Try restart all network services.
- Nmap *FAIL*.
- PC restart.
- Nmap *OK*.

Regards


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

possible bug, nmap v7.40 cyb (Feb 02)
- Re: possible bug, nmap v7.40 Daniel Miller (Feb 02)
- <Possible follow-ups>
- Re: possible bug, nmap v7.40 Varunram Ganesh (Feb 02)