Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Questions: interface names on win32
From: jah <jah () zadkiel plus com>
Date: Wed, 28 Nov 2007 21:15:26 +0000

I've just bought a new box with XP on it (no way am I going with Vista!) 
and I notice that the interface device name is not exactly identified 
with --iflist:

C:\Documents and Settings\jah>ipconfig

Windows IP Configuration
Ethernet adapter *Local Area Connection*:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.1.15
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1

C:\Documents and Settings\jah>nmap --iflist


Starting Nmap 4.23RC3 ( http://insecure.org ) at 2007-11-28 20:56 GMT 
Standard Time
************************INTERFACES************************
DEV  (SHORT) IP/MASK         TYPE     UP MAC
*eth0* (eth0)  192.168.1.15/24 ethernet up 00:19:21:3D:3F:CE
lo0  (lo0)   127.0.0.1/8     loopback up

DEV  WINDEVICE
eth0 \Device\NPF_{3F5D3A0C-7937-48BD-B9FD-B8B36D8884DD}
lo0  \Device\NPF_GenericDialupAdapter

**************************ROUTES**************************
DST/MASK           DEV  GATEWAY
192.168.1.255/32   eth0 192.168.1.15
192.168.1.15/32    lo0  127.0.0.1
255.255.255.255/32 eth0 192.168.1.15
192.168.1.0/0      eth0 192.168.1.15
127.0.0.0/0        lo0  127.0.0.1
224.0.0.0/0        eth0 192.168.1.15
0.0.0.0/0          eth0 192.168.1.1

is this by design or not?  Having googled, I can't see that anyone's 
ever mentioned this before and the manpage says only that --iflist 
"Prints the interface list and system routes as detected by Nmap."

Here's why I beleive that this may be an issue with windoze users:
I've got an XP laptop (it's mothers and I don't use it much, but bear 
with me) with both wired and wireless nics.  Now let's say I rename the 
interfaces (which I usually do because "Local Area Connection" is a 
stupid name!) to eth0 for wired and eth1 for wireless.  The problem is, 
nmap refers to the first device as eth0 and in this case, it's the 
wireless adapter which I've named eth1.  I don't know how windows 
decides which is the "first" device, but it would seem that ipconfig 
will display the adapters in this order - so I ought to have named the 
first device eth0 to avoid the possibility of confusion.
The point is, if nmap displayed the actual (windows) name of the device 
it would be immediately obvious which device was which without having to 
work such things out.

see...

C:\Documents and Settings\jah>ipconfig

Windows IP Configuration

Ethernet adapter eth1:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.1.13
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1

Ethernet adapter eth0:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.1.14
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1

C:\Documents and Settings\jah>nmap --iflist

Starting Nmap 4.23RC3 ( http://insecure.org ) at 2007-11-28 21:06 GMT 
Standard Time
************************INTERFACES************************
DEV  (SHORT) IP/MASK         TYPE     UP MAC
eth0 (eth0)  192.168.1.13/24 ethernet up 00:13:CE:8A:74:3C
eth1 (eth1)  192.168.1.14/24 ethernet up 00:16:36:06:7D:16
lo0  (lo0)   127.0.0.1/8     loopback up

DEV  WINDEVICE
eth1 \Device\NPF_{9E407963-4C68-4336-9008-3236DF509606}
lo0  \Device\NPF_{08CFDE0B-16EF-4DBB-B93C-386AB69B65FF}

**************************ROUTES**************************
DST/MASK           DEV  GATEWAY
192.168.1.14/32    lo0  127.0.0.1
255.255.255.255/32 eth0 192.168.1.13
192.168.1.255/32   eth0 192.168.1.14
192.168.1.255/32   eth0 192.168.1.13
255.255.255.255/32 eth0 192.168.1.14
192.168.1.13/32    lo0  127.0.0.1
192.168.1.0/0      eth0 192.168.1.13
192.168.1.0/0      eth0 192.168.1.14
127.0.0.0/0        lo0  127.0.0.1
224.0.0.0/0        eth0 192.168.1.14
224.0.0.0/0        eth0 192.168.1.13
0.0.0.0/0          eth0 192.168.1.1
0.0.0.0/0          eth0 192.168.1.1

Also, I observe that the wireless adapter doesn't have an entry under 
WINDEVICE....why's that?

jah



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault