Nmap Development: Re: MAC replies

Re: MAC replies

From: Brett Campbell <brett_at_custom-tech.net>
Date: Tue, 19 Oct 2004 15:19:56 -0700

On Tue, Oct 19, 2004 at 09:17:43AM -0400, Adam Jacob Muller wrote:
> Now that nmap has the ability to log MAC addresses does it use the fact
> that it got an arp reply to establish that the host is in fact up, my
> idea here basically is that an ARP reply is basically the only sure way
> to determine if a host is up or not, if you don't get one, then that
> host must be down, if you do in 99.99% of cases it is up (feel free to
> correct me), so does, or should nmap use a positive ARP reply to say
> that the host is up?
> On top of that, ARP replies are also much faster than scanning all
> ports on closed hosts (-P0).

ARP is not a very reliable source of authenticity. Things like tarpits
and proxy-arp make this approach unfeasible. And some IDS will be
alarmed by a flood of 200+ ARP requests in < 1s.

> Where is it written in the Constitution, in what article or section is
> it contained, that you may take children from their parents and parents
> from their children, and compel them to fight the battles of any war in
> which the folly and wickedness of the government may engage itself?
> Under what concealment has this power lain hidden, which now for the
> first time comes forth, with a tremendous and baleful aspect, to
> trample down and destroy the dearest right of personal liberty? Who
> will show me any Constitutional injunction which makes it the duty of
> the American people to surrender everything valuable in life, and even
> life, itself, whenever the purposes of an ambitious and mischievous
> government may require it? . . . A free government with an uncontrolled
> power of military conscription is the most ridiculous and abominable
> contradiction and nonsense that ever entered into the heads of men.
> -Daniel Webster

btw:
http://www.ietf.org/rfc/rfc1855.txt?number=1855 (see the top of page 4)

 - -B

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help@insecure.org . List archive: http://seclists.org
Received on Oct 19 2004
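
The reply's two points, as an added example that is not part of the original message and is not Nmap code: one MAC answering ARP for many addresses (proxy-ARP or a tarpit) makes a reply weak evidence that a host is up, and a burst of 200+ requests in under a second is easy for a monitor to flag. The record layout, the `min_ips` cutoff, the function names and all addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque

def shared_mac_responders(replies, min_ips=3):
    """Map MAC -> sorted IPs for MACs that answered ARP for >= min_ips addresses."""
    ips_by_mac = defaultdict(set)
    for _ts, mac, ip in replies:
        ips_by_mac[mac].add(ip)
    return {m: sorted(ips) for m, ips in ips_by_mac.items() if len(ips) >= min_ips}

def plausibly_up(replies, min_ips=3):
    """IPs whose reply came from a MAC that is not answering for many addresses."""
    suspect = shared_mac_responders(replies, min_ips)
    return sorted({ip for _ts, mac, ip in replies if mac not in suspect})

def sweep_sources(requests, threshold=200, window=1.0):
    """Source MACs that sent >= threshold ARP requests within `window` seconds."""
    recent = defaultdict(deque)      # per-source timestamps inside the window
    flagged = set()
    for ts, mac, _target in sorted(requests):
        q = recent[mac]
        q.append(ts)
        while ts - q[0] >= window:   # drop requests older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add(mac)
    return flagged

# Constructed sample traffic (not from the thread); every address is made up.
# Requests are (time_s, sender_mac, target_ip); replies are (time_s, sender_mac, sender_ip).
SCANNER = "02:00:00:00:00:01"
REQUESTS = [(i * 0.002, SCANNER, f"192.0.2.{i + 1}") for i in range(254)]
REQUESTS += [(t, "02:00:00:00:00:02", "192.0.2.1") for t in (0.1, 30.0, 60.0)]
GATEWAY = "02:00:00:00:00:fe"        # stands in for a proxy-ARP router or tarpit
REPLIES = [(0.01, "02:00:00:00:00:10", "192.0.2.10"),
           (0.02, "02:00:00:00:00:11", "192.0.2.11")]
REPLIES += [(0.03 + i * 0.001, GATEWAY, f"192.0.2.{100 + i}") for i in range(50)]

if __name__ == "__main__":
    print("sweep sources:", sweep_sources(REQUESTS))
    for mac, ips in shared_mac_responders(REPLIES).items():
        print(f"{mac} answered for {len(ips)} addresses")
    print("replies from unshared MACs:", plausibly_up(REPLIES))
```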
