Hi,
I've noticed a few issues with Nmap v4.60 that I thought I would email
about:
I've come across a few 'applications' using port zero over the last few
years and have been able to scan it with Nmap until version 4.60. Seem to
get an error straight away when scanning it now: (Scanning using an
up-to-date Windows XP SP2 host)
C:\Documents and Settings\User>nmap -sT 172.20.2.33 -p 0
Starting Nmap 4.60 ( http://insecure.org ) at 2008-04-07 14:48 GMT Standard Time
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
All other ports seem to work fine and as expected:
C:\Documents and Settings\User>nmap -sT 172.20.2.33 -p 10
Starting Nmap 4.60 ( http://insecure.org ) at 2008-04-07 14:50 GMT Standard Time
Interesting ports on 172.20.2.33:
PORT STATE SERVICE
10/tcp filtered unknown
MAC Address: 00:19:B9:5E:B2:32 (Dell)
Nmap done: 1 IP address (1 host up) scanned in 0.750 seconds
I know the issues with using port 0 for a service etc but I have seen it
used in the past and have compiled the odd program to use it – as mentioned
all previous versions of Nmap seem to be able to scan it.
I have also noticed a massive timing difference with the new version. I had
a range of 12 IPs to scan this morning on all ports (over the internet
but they were only behind a PIX 515E, no nIDS / nIPS etc.) - Nmap 4.60 said it
would take 32 hours to scan – version 4.52 ran in less than 8 minutes.
As a kind of basic test I scanned an un-firewalled XP SP2 host on a gigabit
switch (the same switch I was on) and 4.60 said it would take 4 hours 2
minutes – version 4.52 finished in under a minute - the host responded to
ICMP etc. so the timing should have been OK.
I don't think it is hardware / network related as 4.52 seems to work fine on
the same host and network.
Just thought I'd let the dev(s) know.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Apr 08 2008