Nmap Development: Re: Nmap ICMP/TCP Ping Insubordination

Re: Nmap ICMP/TCP Ping Insubordination

From: Martin Mačok <martin.macok_at_underground.cz>
Date: Mon, 7 Jun 2004 12:29:04 +0200

On Mon, Jun 07, 2004 at 12:44:27PM +0300, Noam Rathaus wrote:

> > > 1) ./nmap-3.50/nmap -PT80 -sP -d -n www.microsoft.com
> > > (under the root user)
> > > (under the non-root user)

> Any chance I can force connect() port ping instead of ACK (which is
> not quite the same as connect())?

Try -PS instead of -PT: if connect() is successful, -PS will be too.
(or simply run it as non root)

On Mon, Jun 07, 2004 at 12:48:58PM +0300, Noam Rathaus wrote:

> Also, I noted that it still creates an ICMP capture filter under
> root, which would in the case of -PT/-PS/etc be unnecessary, unless
> that host is non-routeable.

It is useful exactly for this reason - if you get ICMP unreachable
back, don't waste your time waiting for the timeout. (Actually, I have
seen hosts that return ICMP destination/network unreachables while
accepting TCP connections a second later... which is the reason I don't
use -P options in most Internet/non-sweep scenarios at all.)

Martin Mačok
IT Security Consultant

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help@insecure.org . List archive: http://seclists.org
Received on Jun 07 2004
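
An added example, not part of the original message and not Nmap's code: a sketch of the unprivileged connect() ping discussed above, showing how an unreachable error lets the probe fail fast and why a retry helps with hosts that answer unreachable and then accept TCP shortly after. The function names, the retry policy and the placeholder address 192.0.2.1 are assumptions; the errno mapping reflects typical socket-layer behaviour.

```python
import errno
import socket
import time

UP_OPEN = "up (handshake completed)"
UP_CLOSED = "up (RST received, port closed)"
UNREACHABLE = "unreachable (ICMP or routing error)"
NO_RESPONSE = "no response (timed out)"

def classify(err):
    """Map an errno from connect_ex() to a host-discovery verdict."""
    if err == 0:
        return UP_OPEN
    if err == errno.ECONNREFUSED:
        return UP_CLOSED          # a RST still proves the host is alive
    if err in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return UNREACHABLE        # reported early, no need to sit out the timeout
    if err in (errno.ETIMEDOUT, errno.EAGAIN, errno.EWOULDBLOCK):
        return NO_RESPONSE
    return "error: " + errno.errorcode.get(err, str(err))

def connect_probe(host, port, timeout=2.0):
    """One unprivileged connect() probe; returns the raw errno (0 on success)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port))

def connect_ping(host, port, attempts=2, delay=1.0, probe=connect_probe):
    """Probe up to `attempts` times, stopping at the first proof of life.
    'Unreachable' is retried too, since some hosts send ICMP unreachable
    and accept TCP connections moments later."""
    verdict = NO_RESPONSE
    for i in range(attempts):
        verdict = classify(probe(host, port))
        if verdict in (UP_OPEN, UP_CLOSED):
            break
        if i + 1 < attempts:
            time.sleep(delay)
    return verdict

if __name__ == "__main__":
    # 192.0.2.1 is a documentation address (RFC 5737), a placeholder target.
    print(connect_ping("192.0.2.1", 80))
```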
