Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: "Windows does not support scanning your own machine (localhost) this way" shows all scanned ports
From: Fyodor <fyodor () nmap org>
Date: Sun, 8 Sep 2013 13:27:30 -0700

On Sun, Sep 8, 2013 at 9:16 AM, Daniel Miller <bonsaiviking () gmail com>wrote:

I think this could also be remedied just on the output side of things
by using PORT_HIGHEST_STATE to indicate end-of-iteration for
PortList::nextIgnoredState instead of PORT_UNKNOWN. Since PORT_UNKNOWN
is a valid (sort of) state in this case, it results in never being
able to collapse them into an extraports element. PORT_HIGHEST_STATE
will never be a valid state, on the other hand.

I just don't think it would be good to pick a different scan mode than
what was requested in this case. I'm sure Windows doesn't support
scanning localhost with -sA, either: what would we fall back on in
that case?

Good ponts, and I wasn't going to override chosen scan modes.  I was
thinking more of the case of "nmap [IP]" where no scan type was specified
and Nmap is supposed to choose.  On UNIX we do a SYN scan in that case if
we can (root privileges), and fall back to connect scan otherwise.  But if
an unprivileged user explicitly specifies -sS or -sA, we give an error
instead.  It would be nice to give similar treatment to localhost on
Windows so that the user can at least get port scan and version detection
results (and use those for NSE).  Yeah, it's a special case of just one
machine, but it is the one machine that is often most important to the Nmap
user.  But this behavior would be more complex on Windows than the UNIX
privilege testing case since it only needs to apply to localhost.  Any
other hosts scanned at the same time could use raw scans.

But yes, I think the output fix you suggest would be good too as a more
general fix and at least gets rid of 1,000 lines of ugly output.  Still,
it'd be nice of the user could actually get the portscan results.

Every time I see an MS employee I still nag them about adding back raw
sockets, but obviously it hasn't helped yet.

Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]