Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: cannot scan
From: "Verde Denim" <tdldev () gmail com>
Date: Sun, 19 Oct 2008 22:29:15 -0400

On Sun, Oct 19, 2008 at 10:17 PM, David Fifield <david () bamsoftware com>wrote:

On Sun, Oct 19, 2008 at 09:44:34PM -0400, Verde Denim wrote:
I sent a message to the list earlier regarding this, but am not sure it
through. Please excuse if it is already in circulation
I am trying to learn to use nmap.
I have installed nmap/zenmap (latest version for win) with winpcap
when I run any scans I have to use the --unprivileged option since I am
running with a wireless card which uses ppp0
All scans return the same error

sample scan:
nmap -T4 --version-light -sV -F -O c--unprivileged scan.target.com

constant error output (regardless of target)
TCP/IP fingerprinting (for OS scan) requires that WinPcap version 3.1 or
higher and iphlpapi.dll be installed.
You seem to be missing one or both of these.  Winpcap is available from
http://www.winpcap.org.  iphlpapi.dll
comes with Win98 and later operating sytems and NT 4.0 with SP4 or

For previous windows versions, you may be able to take iphlpapi.dll from
another system and place it in your
system32 dir (e.g. c:\windows\system32).


A limitation of Nmap on Windows is that in can only do raw-packet scans
on Ethernet devices. That's why you have to use --unprivileged on your
ppp0 interface. Unfortunately that means you can't run OS scan either.

The error message is misleading. It really should say "TCP/IP
fingerprinting (for OS scan) requires raw packets" or something like
that. The error message is assuming that the only way you could fail to
have "root privileges" (in terms of raw packet sending) on Windows is
that WinPcap is not installed. However you have shown that it can also
be caused by the use of --unprivileged.

The error message should not be too hard to fix. Does anyone have an
opinion as to the wording, or can you think of any other corner cases to
cause this error?

David Fifield

Thanks for replying. I was beginning to get a bit mental trying to figure
this out.
So, in a nutshell, I cannot use (or should not) use nmap on windows with a
wireless card.
It's disappointing since I need to learn to use this tool for my job, and
the wireless card is my only Internet access at the moment.
Is this a function of the limitation of nmap, or is it a function of the way
packets are processed on the Internet?
Is nmap planned to include functionality to run with a wireless card without
the --unprivileged restriction?
Do you know of another tool which may provide fingerprinting capability with
this setup (winxp/wireless card) ?

As to the message, my vote would be to simply detect the --unprivileged
option on the command line, and report that
fingerprinting is not available with this option. Something like
"You have selected --unprivileged as an argument, which cannot be coupled
with OS/fingerprinting."

I would also add some install notes for nmap to caution users that ppp0 will
eliminate all but the most rudimentary functions of nmap.

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]