mailing list archives
Re: NMap Scan Through VPN?
From: Andreas Ericsson <ae () op5 se>
Date: Sun, 12 Mar 2006 22:14:54 +0100
Alan Jones wrote:
I recently was thinking I should send in some equipment and version info
on some of network devices at the office that NMap did not recognize.
Due to timing I never got around to doing any checks. So this weekend I
decided to experiment on a few things.
I loaded the latest NMap and connected from home over the VPN back to
the office. I knew from past experience I could ping, trace, and load
various programs etc over the VPN. So I decided to scan a few boxes
just to see what would happen next.
Interestingly enough Nmap did not even see the equipment.
I was surprised.... I figured Nmap might complain about something
father along but not that it could not find the equipment.
This was using the Microsoft Windows VPN software.
Anyone else done any scanning over a VPN? I am sure there are enough
variables that it would not be endorsed, but just curious if this issue
was just our network or something bigger. I did not run any debug type
checks.... at this point just wanted to get reaction and ides from others.
For windows, nmap works by sending raw ethernet frames directly to the
NIC. I'm guessing that can't be done with a virtual interface (which is
always involved when setting up a VPN) so nmap just won't work over VPN
connections on Windows. I think it should on Unices, since raw socket
support is still available there, but I'm not sure. Perhaps someone with
more knowledge of the nmap core plumbing can answer that.
Andreas Ericsson andreas.ericsson () op5 se
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
Sent through the nmap-dev mailing list