Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: bug Nmap 5.61TEST2
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 25 Nov 2011 09:44:27 -0600

Diego,

torify is a program which forces another program to use a SOCKS proxy
for all of its connections. SOCKS proxies handle TCP streams,
abstracting away the details of the transport, network, and link
layers. Nmap requires the ability to manipulate and observe all those
layers, so it will never be fully compatible with SOCKS proxies.

I have been able to get Nmap to give slightly useful results (though
full of warning messages) through a SOCKS proxy by using the
--unprivileged flag. This tells Nmap to not use features (like OS
detection, half-open SYN scanning, ICMP ping, etc) that require root
privileges. In general, this limits Nmap to a TCP connect scan, which
should work through a proxy, but in my experience gives only
halfway-useful results (lots of false positives, if I recall
correctly).

Some TCP scanners do work through SOCKS proxies: Metasploit's
auxiliary/scanner/portscan/tcp for one. If you want to submit a bug
report for Nmap scanning through a proxy, use the --unprivileged flag
and then submit your report. Any other type of scan will never be
proxy-capable.

Dan

On Wed, Nov 23, 2011 at 4:03 PM, Diego <shaamangra () gmail com> wrote:
diego () bt:~$ uname -a
Linux bt 2.6.39.4 #1 SMP Wed Aug 17 21:42:30 EDT 2011 x86_64 GNU/Linux

root () bt:/home/diego# torify nmap -A xx.x.x.x

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2011-11-23 16:59 EST
nmap: netutil.cc:1252: int collect_dnet_interfaces(const intf_entry*,
void*): Assertion `rc == 0' failed.
Aborted

without the torify is fine !!!




--
** Nem o panteísmo nem a mitologia judaica são suficientes, se pretendeis
explicar o mundo; antes há que encará-lo de frente.**Arthur Schopenhauer

"If 386BSD had been available when I started on Linux, Linux would probably
never had happened." Linus Torvalds*
*
*
*Jesus saves! The rest of us better make backups.*
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]