
Nmap Development mailing list archives

Bug(s) in Nmap 4.60.
From: "Mr Harry!" <nokia1 () gmail com>
Date: Tue, 8 Apr 2008 09:35:47 +0100

Hi,



I've noticed a few issues with Nmap v4.60 that I thought I would email
about:



I've come across a few 'applications' using port zero over the last few
years and have been able to scan it with Nmap until version 4.60. Seem to
get an error straight away when scanning it now: (Scanning using an
up-to-date Windows XP SP2 host)



C:\Documents and Settings\User>nmap -sT 172.20.2.33 -p 0

Starting Nmap 4.60 ( http://insecure.org ) at 2008-04-07 14:48 GMT Standard Time
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory
Strange read error from 172.20.2.33 (10049 - 'Unknown error'): No such file or directory



All other ports seem to work fine and as expected:



C:\Documents and Settings\User>nmap -sT 172.20.2.33 -p 10

Starting Nmap 4.60 ( http://insecure.org ) at 2008-04-07 14:50 GMT Standard Time
Interesting ports on 172.20.2.33:
PORT   STATE    SERVICE
10/tcp filtered unknown
MAC Address: 00:19:B9:5E:B2:32 (Dell)

Nmap done: 1 IP address (1 host up) scanned in 0.750 seconds



I know the issues with using port 0 for a service etc but I have seen it
used in the past and have compiled the odd program to use it – as mentioned
all previous versions of Nmap seem to be able to scan it.


I have also noticed a massive timing difference with the new version. I had
a range of 12 IPs to scan this morning on all ports (over the internet
but they were only behind a PIX 515E, no nIDS / nIPS etc) - Nmap 4.60 said it
would take 32 hours to scan – version 4.52 ran in less than 8 minutes.
As a kind of basic test I scanned an un-firewalled XP SP2 host on a gigabit
switch (the same switch I was on) and 4.60 said it would take 4 hours 2
minutes – version 4.52 finished in under a minute - the host responded to
ICMP etc so the timing should have been OK.


I don't think it is hardware / network related as 4.52 seems to work fine on
the same host and network.

Just thought I'd let the dev(s) know.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

