Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Bug in Parallel DNS resolution in Nmap 4.50?

Bug in Parallel DNS resolution in Nmap 4.50?

From: Lionel Cons <lionel.cons_at_cern.ch>
Date: Wed, 19 Dec 2007 11:53:52 +0100

I've started a scan against a list of machines identified by their IP
addresses. The Nmap process takes 100% CPU and is stuck in the name
resolution part. I killed it after 25 minutes, which is a lot to
resolve only 400+ addresses.

Here are the last lines printed:

[...]
We got a TCP ping packet back from 192.168.74.73 port 80 (trynum = 1)
We got a TCP ping packet back from 192.168.73.75 port 80 (trynum = 1)
We got a TCP ping packet back from 192.168.21.207 port 80 (trynum = 1)
We got a ping packet back from 192.168.45.7: id = 48978 seq = 0 checksum = 16557
Completed Ping Scan at 11:20, 1.84s elapsed (436 total hosts)
mass_rdns: Using DNS server 192.168.1.5
mass_rdns: Using DNS server 192.168.1.6
Initiating Parallel DNS resolution of 436 hosts. at 11:20

And nothing after...

The scan runs fine if I add the -n option.

There must be a severe bug in the name resolution code...

Cheers,

Lionel Cons

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Dec 19 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]