Nmap Development mailing list archives
Re: Fwd: Re: Reg: Protocol divisioning in the tcp packets
From: Dario Ciccarone <dciccaro () cisco com>
Date: Wed, 11 Jan 2017 09:25:22 -0500
Your suggestion makes no sense. To be honest, you should probably stop here for a second and read a bit about OSI layers. We will ignore your L2 protocol - because we don't know what technologies are used between source and target. Starting at L3, your target may speak IPv4, IPv6 or both. On top of that, at L4, the target may have listeners on specific ports for TCP, UDP, or may also "talk" GRE, IGMP, ICMP, etc. You may not know which protocols the target speak. Then you need to find out. That's why you have a "protocol scan" ( -sO ) in nmap. And if you have both IPv4 and IPv6 connectivity end to end, you could run them twice - one for IPv4 and one for IPv6. Saying "nmap should randomly select a protocol which is appropriate for the network architecture" leads me to believe you would benefit greatly on improving your basic understanding of networking, and then revisit the nmap tool. On 1/11/17 2:00 AM, Akash Das wrote:
---------- Forwarded message ---------- From: Date: Jan 11, 2017 12:29 PM Subject: Re: Reg: Protocol divisioning in the tcp packets To: Daniel Miller <bonsaiviking () gmail com <mailto:bonsaiviking () gmail com>> Cc: Hello Dan, Thanks for the reply, By protocols I meant ipv6 and ipv4 only. I had a doubt that in the IP layer the datagram has a slot of 1 byte address for defining the upper layer protocol that is used. At present nmap has a way of defining what to use tcp,udp or e.t.c. I was thinking that instead of specifying this can we have a random selection of the protocol to use which is best for the network architecture. Thanks, With regards, Akash Das On Jan 11, 2017 2:14 AM, "Daniel Miller" <bonsaiviking () gmail com <mailto:bonsaiviking () gmail com>> wrote: Akash, What do you mean by the "protocol version"? IP protocol version is either IPv4 (default) or IPv6 (with -6 option). TCP does not have versions. Dan On Mon, Jan 9, 2017 at 5:26 AM, Akash Das <akash210197 () gmail com <mailto:akash210197 () gmail com>> wrote: In nmap when we do a tcp scan there are many other options provided such as random checksum, random data, e.t.c but there is no option that is being specified for selecting the protocol version to use. I think it might be helpful in bypassing firewall and faster scan. -- /*Akash Das */ /*Student Systems admin */ /*Indian Institute Of Information Technology */ /*Sricity*/ _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev <https://nmap.org/mailman/listinfo/dev> Archived at http://seclists.org/nmap-dev/ _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Reg: Protocol divisioning in the tcp packets Akash Das (Jan 09)
- Re: Reg: Protocol divisioning in the tcp packets Daniel Miller (Jan 10)
- Message not available
- Message not available
- Fwd: Re: Reg: Protocol divisioning in the tcp packets Akash Das (Jan 10)
- Re: Fwd: Re: Reg: Protocol divisioning in the tcp packets Dario Ciccarone (Jan 11)
- Message not available
- Re: Reg: Protocol divisioning in the tcp packets Daniel Miller (Jan 10)