Nmap Development mailing list archives
Re: Nmap does not respect --send-ip
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 29 Mar 2011 17:27:41 -0500
Are you sure it isn't working? In order to send an IP (layer 3) packet to a host on the local subnet, your machine must learn the layer 2 address that corresponds to the IP address. For ethernet (at least), the way it does this is ARP. The only way to get around this would be to have static ARP tables on your machine, which defeats the purpose of host discovery. Dan On Tue, Mar 29, 2011 at 4:15 PM, K <komseh () gmail com> wrote:
When trying to prevent Nmap from sending ARP requests for host discovery on a local subnet, --send-ip is pretty much our only option. Unfortunately the switch has not been functional for quite some time. This option is needed to evade ARP rate inspection rules and other wonky configurations that might produce false positives/negatives for live hosts. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap does not respect --send-ip K (Mar 29)
- Re: Nmap does not respect --send-ip Daniel Miller (Mar 29)