<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Nmap Development: RE: Bug in IP Parsing

RE: Bug in IP Parsing

From: Brandon Enright <bmenrigh_at_ucsd.edu>
Date: Thu, 20 Oct 2005 12:14:29 -0700

Juan Perez wrote:
>
> There seems to be a bug in the IP parsing mechanism.
>
> Example:
>
> input file: test
>
> test is only two lines:
>
> 10.10.0.0/24
> 10.10.0.80/24
>
> The bug is that the second line is an invalid combination and
> therefore should be rejected.Instead, nmap ignores the last
> octet(80) and proceeds to parse it as 10.10.0.0/24 .
>

This is not a bug. The /24 specifies that only the first 24 bits of
10.10.0.80 are significant. A simple AND with the bitmask results in
10.10.0.0.

See RFCs 1517, 1518, 1519, and 1520 for more information.

Regards,

Brandon

--
Brandon Enright
UCSD ACS/Network Operations
bmenrigh_at_ucsd.edu
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

Received on Oct 20 2005

This message: [ Message body ]
Next message: Martin Mačok: "nmap-3.93 UDP service fingerprinting does not show the match"
Previous message: Andreas Ericsson: "Re: Bug in IP Parsing"
In reply to: Juan Perez: "Bug in IP Parsing"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos