Nmap Development mailing list archives
Re: nmap and routing problems
From: Peter Gordon <peter () pg-consultants com>
Date: Thu, 19 Feb 2009 20:38:42 +0200
Hi.
Progress has been made !
I ran the latest version of nmap -4.85BETA3:
./nmap -e eth0 --unprivileged 10.10.10.71
and received the message "Host seems down".
The problem is with the socket connection. The -e flag doesn't seem to
be doing anything. What it should be doing is a bind to the IP of the
requested port.
Without -e option
strace -f -enetwork ./nmap --unprivileged 10.10.10.71
socket(PF_FILE, SOCK_STREAM, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1
ENOENT (No such file or directory)
socket(PF_FILE, SOCK_STREAM, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1
ENOENT (No such file or directory)
Starting Nmap 4.85BETA3 ( http://nmap.org ) at 2009-02-19 20:32 IST
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
setsockopt(3, SOL_SOCKET, SO_LINGER, {onoff=1, linger=0}, 8) = 0
setsockopt(3, SOL_IP, IP_TTL, [-1], 4) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(80),
sin_addr=inet_addr("10.10.10.71")}, 16) = -1 ENETUNREACH (Network is
unreachable)
With -e option
strace -f -enetwork ./nmap -e eth0 --unprivileged 10.10.10.71
socket(PF_FILE, SOCK_STREAM, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1
ENOENT (No such file or directory)
socket(PF_FILE, SOCK_STREAM, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1
ENOENT (No such file or directory)
Starting Nmap 4.85BETA3 ( http://nmap.org ) at 2009-02-19 20:33 IST
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
setsockopt(3, SOL_SOCKET, SO_LINGER, {onoff=1, linger=0}, 8) = 0
setsockopt(3, SOL_IP, IP_TTL, [-1], 4) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(80),
sin_addr=inet_addr("10.10.10.71")}, 16) = -1 ENETUNREACH (Network is
unreachable)
Regards,
Peter
On Thu, 2009-02-19 at 08:25 -0700, David Fifield wrote:
On Thu, Feb 19, 2009 at 10:25:30AM +0200, Peter Gordon wrote:Here is the information you requested. As you can see, route -n is empty, as is /proc/net/route. "ip route" apparently does not write to /proc/net/route - on the other hand I don't know if or where it does write to.I don't know yet how to deal with this. As a workaround you can try running Nmap with the --unprivileged option. That will use normal system calls to send packets, bypassing Nmap's normal route determination.Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2009-02-19 10:13 ISTNmap 4.11 is pretty old but I don't think that's the problem here. David Fifield
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- nmap and routing problems Peter Gordon (Feb 18)
- Re: nmap and routing problems David Fifield (Feb 18)
- Re: nmap and routing problems Peter Gordon (Feb 19)
- Re: nmap and routing problems David Fifield (Feb 19)
- Re: nmap and routing problems Peter Gordon (Feb 19)
- Re: nmap and routing problems kx (Feb 19)
- Re: nmap and routing problems David Fifield (Feb 19)
- Re: nmap and routing problems David Fifield (Feb 19)
- Re: nmap and routing problems Peter Gordon (Feb 19)
- Re: nmap and routing problems Peter Gordon (Feb 19)
- Re: nmap and routing problems David Fifield (Feb 18)