Nmap Development mailing list archives

Re: Fwd: Re: Reg: Protocol divisioning in the tcp packets


From: Dario Ciccarone <dciccaro () cisco com>
Date: Wed, 11 Jan 2017 09:25:22 -0500

Your suggestion makes no sense. To be honest, you should probably stop
here for a second and read a bit about OSI layers.

We will ignore your L2 protocol - because we don't know what
technologies are used between source and target. Starting at L3, your
target may speak IPv4, IPv6 or both. On top of that, at L4, the target
may have listeners on specific ports for TCP, UDP, or may also "talk"
GRE, IGMP, ICMP, etc. You may not know which protocols the target speaks.

Then you need to find out. That's why you have a "protocol scan" ( -sO )
in nmap. And if you have both IPv4 and IPv6 connectivity end to end, you
could run them twice - one for IPv4 and one for IPv6.

Saying "nmap should randomly select a protocol which is appropriate for
the network architecture" leads me to believe you would benefit greatly
from improving your basic understanding of networking, and then revisit
the nmap tool.


On 1/11/17 2:00 AM, Akash Das wrote:
---------- Forwarded message ----------
From:
Date: Jan 11, 2017 12:29 PM
Subject: Re: Reg: Protocol divisioning in the tcp packets
To: Daniel Miller <bonsaiviking () gmail com>
Cc:

Hello Dan,
Thanks for the reply,
By protocols I meant IPv6 and IPv4 only.
I had a doubt that in the IP layer the datagram has a slot of 1 byte
address for defining the upper layer protocol that is used. At present
nmap has a way of defining what to use: TCP, UDP, etc.
I was thinking that instead of specifying this can we have a random
selection of the protocol to use which is best for the network
architecture.

Thanks,
With regards,
Akash Das


On Jan 11, 2017 2:14 AM, "Daniel Miller" <bonsaiviking () gmail com> wrote:

    Akash,

    What do you mean by the "protocol version"? IP protocol version is
    either IPv4 (default) or IPv6 (with -6 option). TCP does not have
    versions.

    Dan

    On Mon, Jan 9, 2017 at 5:26 AM, Akash Das <akash210197 () gmail com> wrote:

        In nmap when we do a TCP scan there are many other options
        provided such as random checksum, random data, etc., but there
        is no option that is being specified for selecting the
        protocol version to use.
        I think it might be helpful in bypassing firewall and faster scan.


        -- 
        Akash Das
        Student Systems admin
        Indian Institute Of Information Technology
        Sricity

        _______________________________________________
        Sent through the dev mailing list
        https://nmap.org/mailman/listinfo/dev
        Archived at http://seclists.org/nmap-dev/





_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
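
Added example, not part of the original thread and not Nmap code: the one-byte upper-layer protocol field the thread discusses is the "Protocol" byte in IPv4 and the "Next Header" byte in IPv6, where extension headers may have to be walked before the real upper-layer protocol appears. The function names and sample packets below are hypothetical and constructed for illustration.

```python
import struct
from ipaddress import ip_address

# IANA protocol numbers for the protocols named in the thread.
PROTO_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP", 47: "GRE", 58: "ICMPv6"}
EXT_HEADERS = {0, 43, 60}  # hop-by-hop, routing, destination options
FRAGMENT = 44              # fragment header, always 8 bytes

def upper_layer_protocol(packet: bytes) -> tuple[int, int]:
    """Return (IP version, upper-layer protocol number) of a raw IP packet."""
    version = packet[0] >> 4 if packet else None
    if version == 4 and len(packet) >= 20:
        return 4, packet[9]            # IPv4 "Protocol" field: byte 9
    if version == 6 and len(packet) >= 40:
        nxt, offset = packet[6], 40    # IPv6 "Next Header" field: byte 6
        while nxt in EXT_HEADERS or nxt == FRAGMENT:
            if len(packet) < offset + 8:
                raise ValueError("truncated extension header")
            # Length byte counts 8-octet units beyond the first 8 octets.
            size = 8 if nxt == FRAGMENT else (packet[offset + 1] + 1) * 8
            nxt, offset = packet[offset], offset + size
        return 6, nxt
    raise ValueError("not a complete IPv4 or IPv6 header")

def describe(packet: bytes) -> str:
    version, proto = upper_layer_protocol(packet)
    return f"IPv{version} / {PROTO_NAMES.get(proto, f'protocol {proto}')}"

# Constructed sample packets (documentation addresses, checksum left at 0).
def sample_ipv4(proto: int) -> bytes:
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       ip_address("192.0.2.1").packed,
                       ip_address("192.0.2.2").packed)

def sample_ipv6(next_header: int, payload: bytes = b"") -> bytes:
    return struct.pack("!IHBB16s16s", 6 << 28, len(payload), next_header, 64,
                       ip_address("2001:db8::1").packed,
                       ip_address("2001:db8::2").packed) + payload

# Hop-by-hop options header: next header = TCP (6), length 0, PadN filler.
HOP_BY_HOP_THEN_TCP = bytes([6, 0, 1, 4, 0, 0, 0, 0])

if __name__ == "__main__":
    print(describe(sample_ipv4(47)))
    print(describe(sample_ipv6(17)))
    print(describe(sample_ipv6(0, HOP_BY_HOP_THEN_TCP)))
```
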
