Nmap Development mailing list archives

Re: nmap -sT localhost showing ephemeral ports?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 14 Feb 2014 11:21:26 -0600

On 02/08/2014 05:33 PM, Kris Katterjohn wrote:
> On 02/08/2014 04:09 PM, Jacek Wielemborek wrote:
>>
>> 20:17:03    bonsaiviking $ <ketilmore6>  turns out the nmap -p 1-65000 was
>> finding open ports by accident because source port sometimes was equal to
>> destination port. (birthday paradox)
>> 20:17:07    bonsaiviking $ wtf
>> 20:18:58    bonsaiviking $ confirmed on svn r32703
>> 20:19:31    bonsaiviking $ but only with -sT
>>
>> What do you think about it?
>
> I didn't feel like reading the IRC log, but this seems reasonable
> enough... I fixed this problem in raw scans a long time ago[1] (r4368).
>
> I'm interested to know how many operating systems do this with
> connect().  How many different systems have been tested?

I think the attached patch detects and fixes this. It seems to work on my Linux system, and I think I haven't used any non-portable calls. I'd appreciate testing.


Attachment: self-connect.diff

Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
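
The condition discussed in this thread, as an added example that is not part of the original message and not the attached self-connect.diff: a connected socket whose local and peer endpoints are identical has connected to itself, so no service is listening on that port. Comparing getsockname() with getpeername() is an assumed detection approach; is_self_connect, bound_loopback and probe_result are hypothetical names, the code is IPv4 only, and the forced collision relies on Linux loopback behaviour.

```c
/* Added example, not Nmap's patch: detect a TCP self-connect (IPv4 only). */
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* 1 if local and peer endpoints are identical, 0 if not, -1 on error. */
int is_self_connect(int fd)
{
    struct sockaddr_in local, peer;
    socklen_t llen = sizeof(local), plen = sizeof(peer);
    if (getsockname(fd, (struct sockaddr *)&local, &llen) < 0 ||
        getpeername(fd, (struct sockaddr *)&peer, &plen) < 0)
        return -1;
    return local.sin_port == peer.sin_port &&
           local.sin_addr.s_addr == peer.sin_addr.s_addr;
}

/* Hypothetical helper: TCP socket bound to 127.0.0.1, kernel-chosen port. */
static int bound_loopback(struct sockaddr_in *addr)
{
    socklen_t len = sizeof(*addr);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    memset(addr, 0, sizeof(*addr));
    addr->sin_family = AF_INET;
    addr->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (fd >= 0 && bind(fd, (struct sockaddr *)addr, len) == 0 &&
        getsockname(fd, (struct sockaddr *)addr, &len) == 0)
        return fd;
    if (fd >= 0) close(fd);
    return -1;
}

/* Constructed cases. listener=0: nothing listens; the socket connects to its
 * own bound port, forcing source == destination. listener=1: real service. */
int probe_result(int listener)
{
    struct sockaddr_in addr;
    int srv = bound_loopback(&addr), cli = srv, result = -1;
    if (srv < 0) return -1;
    if (listener) cli = listen(srv, 1) == 0 ? socket(AF_INET, SOCK_STREAM, 0) : -1;
    if (cli >= 0 && connect(cli, (struct sockaddr *)&addr, sizeof(addr)) == 0)
        result = is_self_connect(cli);
    if (cli >= 0 && cli != srv) close(cli);
    close(srv);
    return result;
}

/* Exit status 0 when both constructed cases behave as described. */
int main(void) { return !(probe_result(0) == 1 && probe_result(1) == 0); }
```

In both cases connect() returns success, which is why a connect scan that only checks the return value reports the port as open; only the endpoint comparison tells them apart.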
