Re: Problems converting Dnet names to WinPcap

[Fyodor <fyodor () insecure org>]

On Thu, Jun 05, 2008 at 07:07:42PM -0400, Mike pattrick wrote:
> Hey everyone,
>
> David and I have been discussing how dubious the for loop near line
> 350 of output.cc is. To recap, it is the loop that prints out the
> following information:
> DEV  WINDEVICE
> eth0 \Device\NPF_{43939745-59EC-4539-AA18-FA1950DEABD7}
> eth1 \Device\NPF_{2E9F517C-BB63-4CDC-88DC-9EE3BC9F8270}
> ...
>
> The problem is, it gets information from Dnet for the 'dev' names and
> WinPcap for the 'windevice' names and just assumes that they will be
> in the proper order(actually reverse order for some odd reason). There
> is really no guarantee that these two names will correctly line up and
> I have discovered that they sometimes get mixed up when bridging
> network devices[1]. David suggested using the DnetName2PcapName
> function, however this function relies on IP addresses, so cant return
> proper results for interfaces with no IP set; it also doesn't return
> anything for local host and handles bridged connections poorly[2].
>
> Can anyone else think of a way to properly relate a Dnet name to a WinPcap name?

Hi Mike.  Good points.  I'm not sure of the best way to handle this,
but I agree that it is a very important issue.  While Rob's installer
fix seems to resolve the "dnet: Failed to open device" error for many
people, I believe that it still may come up for others due to the
problem you bring up.  So we should really try to find a good fix for
it.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org