Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

Re: 4.20RC2 and OSX oddity
From: kx <kxmail () gmail com>
Date: Wed, 6 Dec 2006 17:57:13 -0500
You might want to start here. dnet is doing something odd on *BSD's
when we try to build routes on our own.

http://seclists.org/nmap-dev/2006/q3/0108.html

Good luck,
  kx

On 12/6/06, Kurt Grutzmacher <grutz () jingojango net> wrote:

I'm tracking this little oddity down but it seems I can't do any
raw-packet nmaps (-sS, -sV, -sA, etc) on anything past the default
route until I first do a connect scan. If I give it an interface (-e
en1) it works. This isn't 4.20-specific as I tested it all the way
back to 4.00.

My guess is that the latest Parallels install is messing with the
environment somehow. There are four interfaces with IP addreses but
only one default route.

grutzImac:~/src/nmap/nmap-4.20RC2 grutz$ sudo ./nmap -sV scanme.insecure.org

Starting Nmap 4.20RC2 ( http://insecure.org ) at 2006-12-06 08:20 PST
nexthost: failed to determine route to 205.217.153.62
QUITTING!

grutzImac:~/src/nmap/nmap-4.20RC2 grutz$ ./nmap scanme.insecure.org

Starting Nmap 4.20RC2 ( http://insecure.org ) at 2006-12-06 08:21 PST
Interesting ports on scanme.nmap.org (205.217.153.62):
Not shown: 1691 filtered ports
PORT    STATE  SERVICE
22/tcp  open   ssh
25/tcp  closed smtp
53/tcp  open   domain
70/tcp  closed gopher
80/tcp  open   http
113/tcp closed auth

Nmap finished: 1 IP address (1 host up) scanned in 43.650 seconds

grutzImac:~/src/nmap/nmap-4.20RC2 grutz$ sudo ./nmap --iflist

Starting Nmap 4.20RC2 ( http://insecure.org ) at 2006-12-06 08:22 PST
************************INTERFACES************************
DEV (SHORT) IP/MASK         TYPE     UP MAC
lo0 (lo0)   127.0.0.1/8     loopback up
en1 (en1)   192.168.1.10/24 ethernet up 00:14:51:E5:D1:43
en2 (en2)   10.37.129.2/24  ethernet up 00:01:23:45:67:89
en3 (en3)   10.211.55.2/24  ethernet up 00:10:32:54:76:98

**************************ROUTES**************************
DST/MASK          DEV GATEWAY
224.0.0.251/32    en1 192.168.1.1
10.37.129.2/32    lo0 127.0.0.1
10.211.55.2/32    lo0 127.0.0.1
127.0.0.1/32      lo0 127.0.0.1
192.168.1.10/32   lo0 127.0.0.1
205.217.153.53/32 en1 192.168.1.1
205.217.153.62/32 en1 192.168.1.1
127.0.0.0/0       lo0 127.0.0.1
0.0.0.0/0         en1 192.168.1.1

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]