Home page logo

nmap-dev logo Nmap Development mailing list archives

"No buffer space available" when scanning a Class A or B net
From: Bob McLaren <BobMcLaren () fssi-ca com>
Date: Thu, 4 Mar 2004 15:21:21 -0800

[ Bounced from nmap-hackers to nmap-dev  --Fyodor ]

I am trying to scan my corporate network to see if I have any hosts that 
have been recently infected with the Bagel virus.
This virus apparently opens up a listen port on port 2745.  So, my 
intention was to scan our entire Class A network.
The problem is, if I try to scan any more than a Class C, I get a "No 
buffer space available" error and the scan get's bogged down with 15 and 
60 second pauses between scans.

Here is the command I used:
   nmap -sS -p 2745 -n

In the middle of the scan, I start receiving errors like this::
   sendto in send_ip_raw: sendto(4, packet, 28, 0,, 16) => 
No buffer space available
   Sleeping 15 seconds then retrying

As I said, if I limit my scan to a Class C (254 hosts) the scan 
completes in no time and runs perfectly.  It's only when I try and sweep 
a wider range that I receive this error.

Here are my specs:
   Running nmap 3.50 from the 3.50-1 rpm
   Red Hat Linux release 7.1
   Kernel version 2.4.9-31smp
   10/100 ethernet nic on a Class A subnet

I've tried playing with -T settings, --max_parallelism, -PT scans, etc.. 
None seem to have any effect.
When searching newsgroups and forums, all I find are references to bad 
ppoe connections and suggestions to hack FreeBSD kernels to change the 
MAXUSERS setting.  None of those things seem to apply to me.

Any assistance or a point in the right direction would be most appreciated.


For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]