Nmap Development mailing list archives

Re: [PATCH] --bad CRC


From: Fyodor <fyodor () insecure org>
Date: Wed, 28 Dec 2005 20:11:50 -0800

On Wed, Dec 21, 2005 at 08:54:33PM +0100, Ed3f wrote:

> I have written a very simple patch for 3.95 that adds a "--bad" option.

Hi Ed3f, thanks for the patch! I think a simple flag (as you have
done) is the way to do this, rather than adding a special scan type.
The option name should probably be something more descriptive (like
--badcksum).  Doing it in in_cksum() is clever, but it may be best to
change the code in the handful of functions that call in_cksum()
instead.  That way you can still do things like send DNS requests with
proper checksums.  Plus (as you noted), Nmap uses in_cksum to check
the checksum of some incoming packets, so it is undesirable to break
the whole function.  Also, in your rand() implementation, one packet
out of every 65K will go out with a proper checksum by luck.  It might
be better to just subtract/add a constant number from the proper value
computed by in_cksum so that it is always wrong.  Also, the change
should be documented in the man page
(http://www.insecure.org/nmap/data/nmap-man.xml).

If you or someone else can address these issues, it is definitely
something I'd consider integrating.  Or I may get to it myself eventually.

Cheers,
Fyodor
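
The following is an added example, not part of the message above and not Nmap source code. It illustrates the two checksum points in the reply: a random 16-bit value is accepted by a receiver now and then, while the correct value plus a constant is always rejected. It assumes in_cksum() computes the standard RFC 1071 Internet checksum; the names inet_cksum, cksum_ok, always_wrong, count_accepted and the sample header are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RFC 1071 Internet checksum over big-endian 16-bit words (assumed to be
   what in_cksum() computes; this is a stand-in, not Nmap's function). */
static uint16_t inet_cksum(const uint8_t *buf, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)buf[i] << 8) | buf[i + 1];
    if (len & 1)                           /* odd trailing byte, zero padded */
        sum += (uint32_t)buf[len - 1] << 8;
    while (sum >> 16)                      /* end-around carry */
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Receiver-side check: write the field, then the checksum of the whole
   buffer must come out as 0. */
static int cksum_ok(uint8_t *buf, size_t len, size_t off, uint16_t field) {
    buf[off] = (uint8_t)(field >> 8);
    buf[off + 1] = (uint8_t)(field & 0xFF);
    return inet_cksum(buf, len) == 0;
}

/* Constant-offset approach: good + 1 never verifies. The one value to avoid
   is 0x0000 (reached from 0xFFFF), which UDP over IPv4 reads as
   "no checksum" (RFC 768), so a receiver would not reject it. */
static uint16_t always_wrong(uint16_t good) {
    return good == 0xFFFF ? 0x0001 : (uint16_t)(good + 1);
}

/* How many of the 65536 possible field values would a receiver accept? */
static unsigned count_accepted(uint8_t *buf, size_t len, size_t off) {
    unsigned n = 0;
    for (uint32_t v = 0; v <= 0xFFFF; v++)
        n += (unsigned)cksum_ok(buf, len, off, (uint16_t)v);
    return n;
}

/* Constructed sample: 20-byte IPv4 header, checksum field at offset 10. */
static uint8_t sample[20] = {0x45,0x00,0x00,0x73,0x00,0x00,0x40,0x00,0x40,0x11,
                             0x00,0x00,0xc0,0xa8,0x00,0x01,0xc0,0xa8,0x00,0xc7};

static uint16_t sample_good(void) {
    sample[10] = sample[11] = 0;           /* field is zero while computing */
    return inet_cksum(sample, sizeof sample);
}

int main(void) {
    uint16_t good = sample_good(), bad = always_wrong(good);
    printf("good=0x%04x accepted_values=%u\n", good, count_accepted(sample, 20, 10));
    printf("bad=0x%04x accepted=%d\n", bad, cksum_ok(sample, 20, 10, bad));
    return 0;
}
```

count_accepted() is the random-value case made exhaustive: it shows how many of the 65536 possible fields a receiver would still accept for this header.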


