Nmap Development mailing list archives
Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far)
From: Fredrik Pettai <pettai () nordu net>
Date: Tue, 23 Mar 2010 18:19:34 +0100
On Mar 23, 2010, at 5:57 PM, David Fifield wrote:
On Tue, Mar 23, 2010 at 05:28:29PM +0100, Fredrik Pettai wrote:I've noted two problems that has surfaced in between the release of nmap5.00 (2009-07-15) -> 5.10BETA1 (2009-11-23). First one, traceroute doesn't work any more on *BSD system. I'veverified this on NetBSD, Mac OS X (I haven't verified OpenBSD, but thisprobably broken there as well). FreeBSD status is unknown.Thanks for taking the time to report this. Please post the output that you see. Make sure to run Nmap with the -d option to get debuggingoutput. I tested just now and traceroute works for me on OS X (with thelatest SVN version; I didn't test 5.10BETA1).
I haven't tested the SVN version but 5.21 still fails both for NetBSD and MacOSX (Leopard). I started with 5.21 first on both platforms and backed back as long as I could towards 5.00 where the problems wheren't present. (I used the released tarballs, hence I noted that it was present in 5.10BETA1).
Here is debug output from a NetBSD host: -bash-4.0$ nmap -d --traceroute ping.sunet.se Starting Nmap 5.21 ( http://nmap.org ) at 2010-03-23 18:05 CET Warning: Traceroute does not support idle or connect scan, disabling... PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0) --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 min-rate: 0, max-rate: 0 --------------------------------------------- Initiating Ping Scan at 18:05 Scanning ping.sunet.se (192.36.125.18) [2 ports] Completed Ping Scan at 18:05, 0.00s elapsed (1 total hosts) Overall sending rates: 3125.00 packets / s. mass_rdns: Using DNS server ::1 mass_rdns: Using DNS server 127.0.0.1 mass_rdns: Using DNS server 2001:6b0:8::78 mass_rdns: Using DNS server 193.10.5.78 Initiating Parallel DNS resolution of 1 host. at 18:05 mass_rdns: 0.26s 0/1 [#: 4, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1] Completed Parallel DNS resolution of 1 host. at 18:05, 0.26s elapsedDNS resolution of 1 IPs took 0.26s. Mode: Async [#: 4, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 18:05 Scanning ping.sunet.se (192.36.125.18) [1000 ports] Discovered open port 25/tcp on 192.36.125.18 Discovered open port 22/tcp on 192.36.125.18 Increased max_successful_tryno for 192.36.125.18 to 1 (packet drop)Increasing send delay for 192.36.125.18 from 0 to 5 due to 44 out of 145 dropped probes since last increase.
Discovered open port 5666/tcp on 192.36.125.18 Discovered open port 13782/tcp on 192.36.125.18 Discovered open port 13783/tcp on 192.36.125.18 Completed Connect Scan at 18:06, 18.12s elapsed (1000 total ports) Overall sending rates: 59.33 packets / s. Nmap scan report for ping.sunet.se (192.36.125.18) Host is up, received conn-refused (0.00023s latency). Scanned at 2010-03-23 18:05:55 CET for 18s Not shown: 993 closed ports Reason: 993 conn-refused PORT STATE SERVICE REASON 22/tcp open ssh syn-ack 25/tcp open smtp syn-ack 5666/tcp open nrpe syn-ack 13782/tcp open netbackup syn-ack 13783/tcp open netbackup syn-ack Final times for host: srtt: 228 rttvar: 36 to: 100000 Read from /usr/pkg/share/nmap: nmap-services. Nmap done: 1 IP address (1 host up) scanned in 18.45 seconds
The other, more problematic error (not present on Mac OS X AFAIK), is then you run nmap as root on NetBSD, you get this error: # ./nmap -A ping.sunet.se Starting Nmap 5.10BETA1 ( http://nmap.org ) at 2010-03-23 16:35 CET WARNING: Unable to find appropriate interface for system route to 193.10.5.1 WARNING: Unable to find appropriate interface for system route to 127.0.0.1 WARNING: Unable to find appropriate interface for system route to 127.0.0.1 Target* nexthost(HostGroupState*, TargetGroup*, scan_lists*, int): failed to determine route to ping.sunet.se (192.36.125.18) QUITTING! However, running as a normal user, it works as expected.This is probably not an error related to NetBSD, but to the routing table on this particular host. Please send in the output of "nmap --iflist". Some bugs related to routing were fixed recently and aren't yet in an official release, and this might be affecting you.
This is quite much output, I'll send you that off-list. Regards, /P _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) Fredrik Pettai (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) David Fifield (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) Fredrik Pettai (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) David Fifield (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) Kris Katterjohn (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) David Fifield (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) Fredrik Pettai (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) Fredrik Pettai (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) David Fifield (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) Patrik Karlsson (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) David Fifield (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) Fredrik Pettai (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) (traceroute) David Fifield (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) Fredrik Pettai (Mar 23)
- Re: nmap errors on *BSDs (noted on NetBSD and MacOSX, so far) David Fifield (Mar 23)