Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Nmap Development: [PATCH] UDP --badsum fix

[PATCH] UDP --badsum fix

From: <doug_at_hcsw.org>
Date: Mon, 22 Jan 2007 12:07:45 -0800

Hi nmap-dev!

Small fix. I was reading the UDP RFC http://www.ietf.org/rfc/rfc768.txt

and noticed the following:

"If the computed checksum is zero, it is transmitted as all ones (the
 equivalent in one's complement arithmetic). An all zero transmitted
 checksum value means that the transmitter generated no checksum (for
 debugging or for higher level protocols that don't care)."

The problem is that with --badsum if a packet ends up with a checksum of
1 Nmap's --badsum will subtract 1 from it and the packet will be sent with a
checksum of 0 which actually means that UDP checksums were turned off and
this packet will not technically have a bad checksum.

This will only happen in, on average, 1 in 65535 packets, but why send
incorrect packets when you can send correct packets?

Best,

Doug

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Received on Jan 22 2007
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]