Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Gsoc 2011 idea about IPv6
From: Rob Nicholls <robert () robnicholls co uk>
Date: Thu, 24 Mar 2011 17:19:22 +0000

On Thu, 24 Mar 2011 09:06:56 -0700, David Fifield wrote:
Windows doesn't support raw sockets at all

I don't think that's entirely true. Server 2003 has apparently always been unaffected:


This web page from Microsoft suggests it's also still possible on Windows 2008 and 2008 R2:


Limitations on Raw Sockets

On Windows 7, Windows Vista, Windows XP with Service Pack 2 (SP2), and Windows XP with Service Pack 3 (SP3), the ability to send traffic over raw sockets has been restricted in several ways:

 - TCP data cannot be sent over raw sockets.
- UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address). - A call to the bind function with a raw socket for the IPPROTO_TCP protocol is not allowed.

Note The bind function with a raw socket is allowed for other protocols (IPPROTO_IP, IPPROTO_UDP, or IPPROTO_SCTP, for example).

These above restrictions do not apply to Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2.

I suspect the majority of Nmap users aren't using Windows Server; but some of us have access to Windows Server variants to perform port scans/penetration tests. It's probably not going to be a high priority on the todo list though.


Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]