Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: possible bug, nmap v7.40

From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 26 Sep 2017 14:44:38 -0500
I remembered this issue when I saw a question and answer on
unix.stackexchange.com [1], so I thought I'd send an update. This is due to
a bug in the netfilter nat module in Linux 4.8. The code change which
introduced the bug was reverted in 4.8.16, and kernel 4.9 is not affected.

Thanks for reporting it!

Dan

https://unix.stackexchange.com/a/337496/16171

On Thu, Feb 2, 2017 at 5:32 PM, Daniel Miller <bonsaiviking () gmail com>
wrote:


Yes, I have seen this happening. It's slowing down scans a lot, and I
suspect it has something to do with the conntrack module that is used for
the "ESTABLISHED" and "RELATED" matches, but I can't figure out what the
cause is. If you do a very slow scan (-T2) nothing goes wrong, so it's a
rate limit of some sort. We really need to figure out what the problem is
and how to work around it!

Dan

On Wed, Feb 1, 2017 at 4:33 PM, cyb <cg.venus () gmail com> wrote:


Hi,

I'm experiencing a problem using nmap (v7.40) with iptables on kali
(Debian 4.8.15-1kali1 (2016-12-23) x86_64 GNU/Linux).

I have messages like:
*sendto in send_ip_packet_sd: sendto(4, packet, 44, 0, 45.33.32.156, 16)
=> Operation not permitted*
if my firewall is activated.

I'm using VPN with OpenVPN and nmap works fine after startup with VPN ==
on and iptabels == off, but if I'm activating firewall (script vpnfw.sh
attached) nmap is sending error messages. I read about it that you need to
allow INVALID packets and I'm doing that but it doesn't help. But what is
more weired, even after I reset firewall (script fwreset.sh attached) it's
still showing me error messages. I tried to restart network services etc,
nothing helps, only PC restart.

Even after I disconnect from VPN, flush iptables, restart wlan0 interface
and network-manager, even after this nmap still sends error messages.

So, such scenario:

- PC start up.
- VPN=off,
- Firewall disabled, iptables=off.
- Nmap *OK*.
- Enabling VPN=on.
- Nmap *OK*.
- Firewall enabling, iptables=on.
- Nmap *FAIL*.
- Firewall disable, iptables=off.
- Nmap *FAIL*.
- Disabling VPN=off
- Nmap *FAIL*.
- Try restart all network services.
- Nmap *FAIL*.
- PC restart.
- Nmap *OK*.

Regards


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/





_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: