Re: OS X 10.6 Problems with privileged scans

[Walt Scrivens <walts () gate net>]

OOPS!

I answered David's e-mal with one foot out the door and have been away  
all afternoon.
Here's the output after compiling with the patch:
=========================
Starting Nmap 5.05BETA1 ( http://nmap.org ) at 2009-10-23 19:41 EDT
The max # of sockets we are using is: 0
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
Warning: Unable to open interface vmnet8 -- skipping it.
Warning: Unable to open interface vmnet1 -- skipping it.
Initiating Ping Scan at 19:41
Scanning 64.13.134.52 [4 ports]
Pcap filter: dst host 192.168.1.144 and (icmp or ((tcp or udp or sctp)  
and (src host 64.13.134.52)))
Packet capture filter (device en1): dst host 192.168.1.144 and (icmp  
or ((tcp or udp or sctp) and (src host 64.13.134.52)))
SENT (0.1530s) ICMP 192.168.1.144 > 64.13.134.52 echo request (type=8/ 
code=0) ttl=49 id=12314 iplen=28
SENT (0.1530s) TCP 192.168.1.144:59705 > 64.13.134.52:443 S ttl=52  
id=20636 iplen=44  seq=4131407077 win=1024 <mss 1460>
SENT (0.1530s) TCP 192.168.1.144:59705 > 64.13.134.52:80 A ttl=59  
id=15689 iplen=40  seq=4131407077 win=4096 ack=2628735480
SENT (0.1530s) ICMP 192.168.1.144 > 64.13.134.52 Timestamp request  
(type=13/code=0) ttl=45 id=48279 iplen=40
**TIMING STATS** (0.1530s): IP, probes active/freshportsleft/ 
retry_stack/outstanding/retranwait/onbench, cwnd/ssthresh/delay,  
timeout/srtt/rttvar/
   Groupstats (1/1 incomplete): 4/*/*/*/*/* 10.00/75/* 1000000/-1/-1
   64.13.134.52: 4/0/0/4/0/0 10.00/75/0 1000000/-1/-1
Current sending rates: 8810.57 packets / s, 334801.76 bytes / s.
Overall sending rates: 8810.57 packets / s, 334801.76 bytes / s.
c pcap_next

=============================

I hope that means something to you guys!

Walt

On Oct 23, 2009, at 6:18 PM, Tom Sellers wrote:

> Walt Scrivens wrote:
> > Yes, I applied the patch.  It doesn't have to be applied every time I
> > run nmap, does it?  I tried applying it again, and it wanted to
> > Reverse the patch, so I said No.
> > > Is that with the patch from
> > > http://seclists.org/nmap-dev/2009/q4/att-155/ 
> > > pcap_datalink_log.diff? I
> > > would have expected a "pcap_next" debug line near the end there.
> > >
> > > David Fifield
> Walt, have you recompiled after installing the patch?
>
> David, my primary machine has been in the shop for a few days
> (under warranty!).  It should be out early next week.  After a
> fresh OS install will help test this.
>
> I can tell you that my problems persisted even after making
> the permissions changes the interfaces.
>
> Tom
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/