Nmap Development mailing list archives
Re: new Win install fails beyond localhost
From: David Fifield <david () bamsoftware com>
Date: Fri, 12 Mar 2010 15:53:42 -0700
On Tue, Mar 09, 2010 at 03:30:30PM -0600, Norris Carden wrote:
Results as requested... thanks for pointing out these options.. nmap --iflist Starting Nmap 5.21 ( http://nmap.org ) at 2010-03-09 15:13 Central Standard Time ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MAC eth0 (eth0) 10.1.1.XX/24 ethernet up 00:00:00:00:00:00 lo0 (lo0) 127.0.0.1/8 loopback up DEV WINDEVICE eth0 \Device\NPF_{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} lo0 <none> <none> \Device\NPF_{ZZZZZZZZ-ZZZZ-ZZZZ-ZZZZ-ZZZZZZZZZZZZ} <none> \Device\NPF_{YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY} **************************ROUTES************************** DST/MASK DEV GATEWAY 10.255.255.255/32 eth0 10.1.1.1 10.1.1.XX/32 lo0 127.0.0.1 255.255.255.255/32 eth0 10.1.1.XX 10.1.1.0/0 eth0 10.1.1.XX 127.0.0.0/0 lo0 127.0.0.1 224.0.0.0/0 eth0 10.1.1.XX 0.0.0.0/0 eth0 10.1.1.1 nmap -sP -d3 -PE -PA21,23,80,3389 10.1.1.0/29 (this should find 6 responding IPs). Nmap scan report for 10.1.1.0 [host down, received no-response] Nmap scan report for 10.1.1.1 [host down, received no-response] Nmap scan report for 10.1.1.2 [host down, received no-response] Nmap scan report for 10.1.1.3 [host down, received no-response] Nmap scan report for 10.1.1.4 [host down, received no-response] Nmap scan report for 10.1.1.5 [host down, received no-response] Nmap scan report for 10.1.1.6 [host down, received no-response] Nmap scan report for 10.1.1.7 [host down, received no-response]
I think this has now been fixed. http://seclists.org/nmap-dev/2010/q1/845 The eth0 device has the address and netmask 10.1.1.XX/24, so Nmap was considering all the 10.1.1.0/29 hosts directly connected and was using ARP scan for them. But the routing table entry
10.1.1.0/0 eth0 10.1.1.XX
should have overridden that, and caused traffic to be routed through the gateway. Unfortunately, I can't think of a workaround for this short of building the newer version from source, but it will be in the next release. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- new Win install fails beyond localhost Norris Carden (Mar 09)
- Re: new Win install fails beyond localhost David Fifield (Mar 09)
- RE: new Win install fails beyond localhost Norris Carden (Mar 09)
- Re: new Win install fails beyond localhost David Fifield (Mar 09)
- RE: [BULK] Re: new Win install fails beyond localhost Norris Carden (Mar 09)
- RE: [BULK] Re: new Win install fails beyond localhost Norris Carden (Mar 10)
- Re: new Win install fails beyond localhost David Fifield (Mar 12)
- RE: new Win install fails beyond localhost Norris Carden (Mar 09)
- Re: new Win install fails beyond localhost David Fifield (Mar 09)