Nmap Development
mailing list archives
Re: [updated patch] Re: fragment scan got broken between 3.50 and 3.75
From: Fyodor <fyodor () insecure org>
Date: Sun, 30 Jan 2005 20:03:30 -0800
On Tue, Jan 11, 2005 at 02:01:54PM +0100, Martin Mačok wrote:
> I have again updated the patch since. Now the data payload MTU can be
> specified using "--mtu N" too. It also tries to fragment all packets
> (i.e. including pinging and OS fingerprinting besides just the scanning).
> The --packet_trace implementation was enhanced so now it tries to get
> more info from fragments than the previous one.
>
> For more, see
> http://Xtrmntr.org/ORBman/tmp/nmap/nmap-3.78-fragment.patch

Thanks - I have applied this for the next version of Nmap. I also
went through your (long!) list of other patches at
http://xtrmntr.org/ORBman/tmp/nmap/ and applied them all except for:

CONNECT-closedflitered - I'm not sure how common this API response is
  among platforms and it may confuse users.

defeat_ICMP_ratelimit - This will certainly speed things up, but there
  is a risk of decreasing accuracy.

detect_TARPIT - This is a very cool technique, but I'm not sure it
  belongs in the core distribution. For example, sometimes you might
  want to scan tarpits. If it just printed a note in verbose mode
  about potentially tarpitted hosts, that might be better.

option-max_retransmissions - This might generate "bug reports" because
  it only affects port scanning, and not other aspects that retransmit
  such as ping scanning, idle scan, or OS detection. But making it
  count in all these cases doesn't necessarily solve the problem,
  because you may not want to use the same value for every kind of
  retransmission. Making the -T variables control this is a good idea
  though, which I should probably implement. I'm just not sure I want
  a command-line parameter for it.

no_pcap_localhost_workaround - This might be OK, but I'm a wimp and am
  worried it would break something. My main concern is that I don't
  remember the exact problem that required this workaround in the
  first place. The workaround doesn't really hurt anything.

I hope to have a new version of Nmap out within a week or so.

Cheers,
Fyodor
---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List archive: http://seclists.org