Nmap Development mailing list archives

Re: Windows Nmap Port 0 problem
From: kx <kxmail () gmail com>
Date: Tue, 3 Apr 2007 07:29:24 +0200

Looks like we just need to implement error handling similar to the -g option

nmap -sT -g0 192.168.1.1
WARNING: a source port of zero may not work on all systems.
WARNING:  -g is incompatible with the default connect() scan (-sT).
Use a raw scan such as -sS if you want to set the source port.

On 4/2/07, kx <kxmail () gmail com> wrote:
Looks like our use of port 0 with connect ist verboten on Windows. I
would think we could use --send-eth to force Windows to use raw
ethernet so we could build our own headers, but it doesn't seem to
work. Honestly, I don't know the code well enough yet to know if nmap
has its own TCP connect stack, but it would be nice.

I am not sure of a good patch yet, I will sleep on it.

Cheers,
      kx

From the MSDN: http://msdn2.microsoft.com/en-us/library/ms740668.aspx

WSAEADDRNOTAVAIL
10049

Cannot assign requested address.
   The requested address is not valid in its context. This normally
results from an attempt to bind to an address that is not valid for
the local computer. This can also result from connect, sendto,
WSAConnect, WSAJoinLeaf, or WSASendTo when the remote address or port
is not valid for a remote computer (for example, address or port 0).

On 4/2/07, David Matousek <david () matousec com> wrote:
Hi,

running "nmap -P0 -p0 -sT 1.2.3.4" on Windows machines (tested on 2000 and 2003 with Nmap 4.11
and 2000 with Nmap 4.21ALPHA4) causes some strange reports like

"Strange read error from 1.2.3.4 (10049 - 'Unknown error'): No such file or directory"

1.2.3.4 can be any IP or hostname

If any other port is used instead of 0, it works fine, if P0 is not specified, it appears only if
the machine is alive, if -sT is not specified, it works fine.

Regards,

--
David Matousek

Founder and Chief Representative of Matousec - Transparent security
http://www.matousec.com/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
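
Added example, not part of the thread and not Nmap's own code: one way to do the up-front check suggested above, modelled on the -g warning, so that a connect() scan never passes port 0 to connect(). The function name, its signature and the warning text are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

#define WSAEADDRNOTAVAIL_CODE 10049 /* Winsock error value quoted from MSDN in the thread */

/* Hypothetical helper (not an Nmap function): expand a port spec such as
 * "0,22,80-82" into out[]. For a connect() scan, port 0 is dropped and
 * *dropped is set, so the caller never hands port 0 to connect().
 * Returns the number of ports kept, or -1 on a malformed or oversized spec. */
int filter_connect_ports(const char *spec, int connect_scan,
                         unsigned short *out, int max, int *dropped)
{
    const char *p = spec;
    int n = 0;
    *dropped = 0;
    while (*p) {
        char *end;
        long lo = strtol(p, &end, 10), hi;
        if (end == p || lo < 0 || lo > 65535) return -1;
        hi = lo;
        if (*end == '-') {                       /* range "lo-hi" */
            p = end + 1;
            hi = strtol(p, &end, 10);
            if (end == p || hi < lo || hi > 65535) return -1;
        }
        for (long port = lo; port <= hi; port++) {
            if (port == 0 && connect_scan) { *dropped = 1; continue; }
            if (n == max) return -1;             /* caller's buffer is full */
            out[n++] = (unsigned short)port;
        }
        if (*end == ',') end++;                  /* next list item */
        else if (*end != '\0') return -1;        /* trailing garbage */
        p = end;
    }
    if (*dropped)  /* wording modelled on the -g warning; the text is an assumption */
        fprintf(stderr, "WARNING: port 0 is incompatible with the connect() scan (-sT); "
                "Windows connect() fails with %d. Skipping port 0.\n", WSAEADDRNOTAVAIL_CODE);
    return n;
}

int main(void)
{
    unsigned short ports[16];
    int dropped;
    int n = filter_connect_ports("0,22,80-82", 1, ports, 16, &dropped); /* constructed input */
    for (int i = 0; i < n; i++) printf("%u\n", ports[i]);
    return n < 0;
}
```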


