Nmap Development mailing list archives
Wild TTL value
From: Gisle Vanem <gvanem () broadpark no>
Date: Wed, 01 May 2013 16:46:52 +0200
There seems to be a problem with how libnetutil/netutil.cc is setting the IP-TTL value on sockets; from nmap on Win32 linked with a WinSock tracing lib:
* libnetutil/netutil.cc(871) (set_ttl+34): setsockopt (1780, IPPROTO_IP, IP_TTL, ULONG_MAX, 4) --> WSAEINVAL: Invalid arguments (10022). I mean, why set TTL to such a high value? The IP-TTL field is only 8 bits. No wonder Winsock complains. I know about the "nmap --ttl" option but IMHO the default should be bounded to 255 max like this: --- SVN-Latest\libnetutil\netutil.cc Thu Apr 25 10:06:07 2013 +++ libnetutil\netutil.cc Wed May 01 16:41:30 2013 @@ -868,6 +868,7 @@ if (sd == -1) return; + ttl = max (min(ttl, 255), 255); setsockopt(sd, IPPROTO_IP, IP_TTL, (const char *) &ttl, sizeof ttl); #endif } ---------Or better, the caller of set_ttl() should fix it. It is obviously passing a ttl of '-1'.
--gv
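Review bot: The added line "ttl = max (min(ttl, 255), 255);" in set_ttl() evaluates to 255 for every input, because the inner min() never exceeds 255 and the outer max() then raises anything lower to 255, so a TTL chosen with --ttl would be overwritten too. To bound the value to the 8-bit field, the outer limit should be the smallest acceptable TTL rather than 255, for example "max(min(ttl, 255), 0)", with the comparison done on a signed value so that the -1 the caller appears to pass is not treated as ULONG_MAX. As the message itself suggests, having the caller treat -1 as "no TTL requested" and skip the call is cleaner than clamping it here. Separately, the return value of the setsockopt() call in this hunk is not checked, so a rejected value goes unreported.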