I've just bought a new box with XP on it (no way am I going with Vista!)
and I notice that the interface device name is not exactly identified
with --iflist:
C:\Documents and Settings\jah>ipconfig
Windows IP Configuration
Ethernet adapter *Local Area Connection*:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.15
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
C:\Documents and Settings\jah>nmap --iflist
Starting Nmap 4.23RC3 ( http://insecure.org ) at 2007-11-28 20:56 GMT
Standard Time
************************INTERFACES************************
DEV (SHORT) IP/MASK TYPE UP MAC
*eth0* (eth0) 192.168.1.15/24 ethernet up 00:19:21:3D:3F:CE
lo0 (lo0) 127.0.0.1/8 loopback up
DEV WINDEVICE
eth0 \Device\NPF_{3F5D3A0C-7937-48BD-B9FD-B8B36D8884DD}
lo0 \Device\NPF_GenericDialupAdapter
**************************ROUTES**************************
DST/MASK DEV GATEWAY
192.168.1.255/32 eth0 192.168.1.15
192.168.1.15/32 lo0 127.0.0.1
255.255.255.255/32 eth0 192.168.1.15
192.168.1.0/0 eth0 192.168.1.15
127.0.0.0/0 lo0 127.0.0.1
224.0.0.0/0 eth0 192.168.1.15
0.0.0.0/0 eth0 192.168.1.1
is this by design or not? Having googled, I can't see that anyone's
ever mentioned this before and the manpage says only that --iflist
"Prints the interface list and system routes as detected by Nmap."
Here's why I beleive that this may be an issue with windoze users:
I've got an XP laptop (it's mothers and I don't use it much, but bear
with me) with both wired and wireless nics. Now let's say I rename the
interfaces (which I usually do because "Local Area Connection" is a
stupid name!) to eth0 for wired and eth1 for wireless. The problem is,
nmap refers to the first device as eth0 and in this case, it's the
wireless adapter which I've named eth1. I don't know how windows
decides which is the "first" device, but it would seem that ipconfig
will display the adapters in this order - so I ought to have named the
first device eth0 to avoid the possibility of confusion.
The point is, if nmap displayed the actual (windows) name of the device
it would be immediately obvious which device was which without having to
work such things out.
see...
C:\Documents and Settings\jah>ipconfig
Windows IP Configuration
Ethernet adapter eth1:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.13
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Ethernet adapter eth0:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.14
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
C:\Documents and Settings\jah>nmap --iflist
Starting Nmap 4.23RC3 ( http://insecure.org ) at 2007-11-28 21:06 GMT
Standard Time
************************INTERFACES************************
DEV (SHORT) IP/MASK TYPE UP MAC
eth0 (eth0) 192.168.1.13/24 ethernet up 00:13:CE:8A:74:3C
eth1 (eth1) 192.168.1.14/24 ethernet up 00:16:36:06:7D:16
lo0 (lo0) 127.0.0.1/8 loopback up
DEV WINDEVICE
eth1 \Device\NPF_{9E407963-4C68-4336-9008-3236DF509606}
lo0 \Device\NPF_{08CFDE0B-16EF-4DBB-B93C-386AB69B65FF}
**************************ROUTES**************************
DST/MASK DEV GATEWAY
192.168.1.14/32 lo0 127.0.0.1
255.255.255.255/32 eth0 192.168.1.13
192.168.1.255/32 eth0 192.168.1.14
192.168.1.255/32 eth0 192.168.1.13
255.255.255.255/32 eth0 192.168.1.14
192.168.1.13/32 lo0 127.0.0.1
192.168.1.0/0 eth0 192.168.1.13
192.168.1.0/0 eth0 192.168.1.14
127.0.0.0/0 lo0 127.0.0.1
224.0.0.0/0 eth0 192.168.1.14
224.0.0.0/0 eth0 192.168.1.13
0.0.0.0/0 eth0 192.168.1.1
0.0.0.0/0 eth0 192.168.1.1
Also, I observe that the wireless adapter doesn't have an entry under
WINDEVICE....why's that?
jah
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Nov 28 2007
Intro
