Home page logo

nmap-dev logo Nmap Development mailing list archives

Problems converting Dnet names to WinPcap
From: "Mike pattrick" <mpattrick () rhinovirus org>
Date: Thu, 5 Jun 2008 19:07:42 -0400

Hey everyone,

David and I have been discussing how dubious the for loop near line
350 of output.cc is. To recap, it is the loop that prints out the
following information:
eth0 \Device\NPF_{43939745-59EC-4539-AA18-FA1950DEABD7}
eth1 \Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270}

The problem is, it gets information from Dnet for the 'dev' names and
WinPcap for the 'windevice' names and just assumes that they will be
in the proper order(actually reverse order for some odd reason). There
is really no guarantee that these two names will correctly line up and
I have discovered that they sometimes get mixed up when bridging
network devices[1]. David suggested using the DnetName2PcapName
function, however this function relies on IP addresses, so cant return
proper results for interfaces with no IP set; it also doesn't return
anything for local host and handles bridged connections poorly[2].

Can anyone else think of a way to properly relate a Dnet name to a WinPcap name?


[1] http://rhinovirus.org/bridged.PNG
[2] http://rhinovirus.org/dnetonly.PNG

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]