Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BUG: nping overflow

From: miniBill <cmt.minibill () gmail com>
Date: Fri, 23 Apr 2010 15:49:28 +0200
2010/4/23 David Fifield <david () bamsoftware com>:

I don't think anything is overflowing, nor is the second scan getting
replies from the first. There are no replies, which is typical for UDP
ping.

I see. So what is it useful for if I get no replies, I'm a bit confused.


The other RCVDs look like your machine making normal domain name queries
to different servers.

RCVD (0.7630s) UDP 192.168.1.4:48180 > 216.239.36.10:53 ttl=64 id=37617 iplen=80
RCVD (0.8120s) UDP 192.168.1.4:54660 > 216.239.36.10:53 ttl=64 id=37618 iplen=80
RCVD (0.8640s) UDP 192.168.1.4:29937 > 216.239.32.10:53 ttl=64 id=1187 iplen=80
RCVD (1.0070s) UDP 192.168.1.4:22781 > 216.239.34.10:53 ttl=64 id=10654 iplen=80
RCVD (1.0070s) UDP 192.168.1.4:17586 > 216.239.38.10:53 ttl=64 id=6261 iplen=80
RCVD (2.0080s) UDP 192.168.1.4:48831 > 199.7.83.42:53 ttl=64 id=39759 iplen=71

Those IP addresses are
ns3.google.com (216.239.36.10)
ns1.google.com (216.239.32.10)
ns2.google.com (216.239.34.10)
ns4.google.com (216.239.38.10)
l.root-servers.net (199.7.83.42)

So Luis, I think you want to check out the filter code.

David Fifield



LOL, so that's why it was difficult to reproduce XDXDXD
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: