Nmap Development mailing list archives
Re: host discovery fails - Nmap, tap interface and OpenVPN
From: Agapito Malteni <sruloasegreto () aol com>
Date: Tue, 3 Apr 2012 18:29:45 +0200
Thanks for the reply David, Here is the output of the preceding commands. There is no difference in the output between run them first/after a OS ping command. ipconfig output (tap device) Address IPv4. . . . . . . . . . . . . : 192.168.5.1 Subnet mask . . . . . . . . . . . . . : 255.255.255.0 Default gateway . . . . . . . . . . . : route print 192.168.6.0 255.255.255.0 192.168.5.99 192.168.5.1 31 192.168.7.0 255.255.255.0 192.168.5.99 192.168.5.1 31 192.168.5.0 255.255.255.0 On-link 192.168.5.1 286 192.168.5.99 255.255.255.255 On-link 192.168.5.1 286 192.168.5.255 255.255.255.255 On-link 192.168.5.1 286 nmap --iflist Interfaces eth13 (eth13) 192.168.5.1/24 ethernet up 1500 XX:XX:XX:XX:XX:XX Dev WinDevice eth13 \Device\NPF_{XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX} Routes 192.168.5.1/32 eth13 192.168.5.1 192.168.5.0/24 eth13 192.168.5.1 192.168.6.0/24 eth13 192.168.5.99 192.168.7.0/24 eth13 192.168.5.99 Only a thing I have discovered just now. If I configure a default gateway on the tap device (with a huge metric in manner that the real gateway continue working) the ipconfig command returns this: Address IPv4. . . . . . . . . . . . . : 192.168.5.1 Subnet mask . . . . . . . . . . . . . : 255.255.255.0 Default gateway . . . . . . . . . . . :192.168.5.99 And nmap doesn't experience this huge issue, so the problem doesn't occur and the host discovery nmap works perfectly even if the OS ping command hadn't been run before. Please explain this strange behavior. Il giorno 03 aprile 2012 03:00, David Fifield <david () bamsoftware com> ha scritto:
On Fri, Mar 30, 2012 at 04:32:36PM +0200, Agapito Malteni wrote:Hi, I'm using nmap (version 5.51) on Windows 7 64bit. I'm connected to a vpn (OpenVPN in tap ethernet bridging mode) A virtual device (tap) is used by Nmap and I'm scanning targets belonging to a vpn. Here is my network configuration (only meaningful) Tap device Address IPv4. . . . . . . . . . . . . : 192.168.5.1 Subnet mask . . . . . . . . . . . . . : 255.255.255.0 Default gateway . . . . . . . . . . . : route print Network address Mask Gateway Interface Metrics 192.168.6.0 255.255.255.0 192.168.5.99 192.168.5.1 31 192.168.7.0 255.255.255.0 192.168.5.99 192.168.5.1 31 The preceding routes are injected by the OpenVPN server. My IP is on network 192.168.5.0 and can reach networks 192.168.6.0,192.168.7.0 via gateway 192.168.5.99.Can you show us "ipconfig", "route print", and "nmap --iflist" both before and after doing the OS ping? You can cut out any parts that you don't think are unnecessary. Somehow Nmap seems to think that the target is on a routed network in the first case, and correctly determines that it is on the same subnet in the second case. This usually has to do with interfaces, not routes. But seeing the --iflist output will help us find out what's happening. David Fifield
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: host discovery fails - Nmap, tap interface and OpenVPN David Fifield (Apr 02)
- Re: host discovery fails - Nmap, tap interface and OpenVPN Agapito Malteni (Apr 03)