Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: Nmap ICMP/TCP Ping Insubordination

Re: Nmap ICMP/TCP Ping Insubordination

From: Noam Rathaus <noamr_at_beyondsecurity.com>
Date: Mon, 7 Jun 2004 12:44:27 +0300

On Monday 07 June 2004 12:28, Martin Mačok wrote:
> On Mon, Jun 07, 2004 at 11:40:59AM +0300, Noam Rathaus wrote:
> > I noticed a very inconsitent (with the man file) behavior of Nmap,
> > I run two command line:
> > 1) ./nmap-3.50/nmap -PT80 -sP -d -n www.microsoft.com
> > (under the root user)
> > 2) /nmap-3.50/nmap -PT80 -sP -d -n www.microsoft.com
> > (under the non-root user)
> >
> > Both should do the same, TCP Ping the host www.microsoft.com,
>
> Option -PT does not do the same for root and non root users. From the
> man page, option -PT: "... spew out TCP ACK packets ... For non root
> users, we use connect()".
>
> Sniff both (1) and (2) with tcpdump/ethereal and see the
> conversations.
>
> Martin Mačok
> IT Security Consultant
>
Hi,

You are right, it used to be different (the man file I read before).

Any chance I can force connect() port ping instead of ACK (which is not quite
the same as connect())? 

-- 
Thanks
Noam Rathaus
CTO
Beyond Security Ltd.
Join the SecuriTeam community on Orkut:
http://www.orkut.com/Community.aspx?cmm=44441
---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help@insecure.org . List archive: http://seclists.org
Received on Jun 07 2004
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]