Nmap Development mailing list archives
Re: [PATCH] --ttl and connect() scans (and traceroute?)
From: Fyodor <fyodor () insecure org>
Date: Sat, 13 Oct 2007 23:35:40 -0700
On Sat, Oct 13, 2007 at 04:35:12PM -0500, Kris Katterjohn wrote:
Hi everyone! I have attached a patch to enable --ttl to work with connect() scans (-sT). As long as the system supports the setsockopt IP_TTL option, it sets it.From googling, it looks like most systems support this (Linux, BSD, OS X,Windows). I've tested it on Linux and verified it with Wireshark.
Looks good to me! Please check it in.
Hey Eddie, do you think you can use IP_TTL for --traceroute as well?
He would need a way to receive the TTL exceeded messages too. I was about to say "if that was possible, the traceroute program wouldn't need to be setuid". But then I noticed that my /bin/traceroute ISN'T setuid and still seems to work as an unprivileged user. Hmm. An strace of traceroute shows stuff like: setsockopt(6, SOL_IP, IP_RECVTTL, [1], 4) = 0 setsockopt(6, SOL_IP, IP_TTL, [2], 4) = 0 setsockopt(6, SOL_IP, IP_RECVERR, [1], 4) = 0 So maybe it is possible. Whether it is worth adding that support to Nmap depends on how portable it is and how much code is needed. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] --ttl and connect() scans (and traceroute?) Kris Katterjohn (Oct 13)
- Re: [PATCH] --ttl and connect() scans (and traceroute?) Fyodor (Oct 13)
- Re: [PATCH] --ttl and connect() scans (and traceroute?) Eddie Bell (Oct 14)
- Re: [PATCH] --ttl and connect() scans (and traceroute?) Kris Katterjohn (Oct 14)
- Re: [PATCH] --ttl and connect() scans (and traceroute?) Eddie Bell (Oct 14)
- Re: [PATCH] --ttl and connect() scans (and traceroute?) Fyodor (Oct 13)