Remember also that if you're scanning a local subnet, the latest Nmap
verisons won't perform an ICMP nor a TCP ACK on port 80. For all local
subnet "pings" (including the Nmap ping process prior to a scan), nmap
uses the much more efficient and effective ARP process to determine
local device availability. Since an ARP isn't an IP frame, there
shouldn't be a specification of ports when the local subnet is involved
exclusively with an -sP option.
Perhaps a more refined error message would be in order, and an update to
the man page.
--
James "Professor" Messer
Author, Secrets of Network Cartography: A Comprehensive Guide to Nmap
http://www.networkuptime.com/nmap
Andreas Ericsson wrote:
> Diman Todorov wrote:
>
>>> Well, you *are* telling nmap to do a ping-scan (-sP) which doesn't use
>>> ports, but then you specify ports as well.
>>>
>> This is not correct.
>> from the nmap man page:
>> <snip>
>> The -sP option sends an ICMP echo request and a TCP
>> packet to
>> port 80 by default. When executed by an unprivileged
>> user, a SYN
>> packet is sent (using a connect() call) to port 80 on the
>> </snip>
>>
>> IMHO -sP should respect -p
>>
>>
>
> Touché. I should rtfm more carefully or, as in this case, at all :-)
>
> I'm still not sure it makes sense though, unless you use the scan option
> to control output (i.e. make hosts responding to any of the tcp-ports
> given in the range show as "up", but nothing else). Oh well. I'm sure
> it'll all turn out for the best.
>
>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Oct 12 2006
Intro
