Nmap Development mailing list archives
Re[2]: UDP traceroute does not work to google.com
From: "Sriram Rajan" <sriram.r () vit in>
Date: Wed, 07 Jan 2015 13:05:20 +0000
Hi Daniel & Nmap-dev, You were right about the unprivileged option. However, I could not get the traceroute over UDP with these options below. It still does a traceroute over ICMP. Any means of restricing this to UDP in nmap ? $ sudo nmap -v -n -PU -Pn -sn --traceroute google.com Starting Nmap 6.47 ( http://nmap.org ) at 2015-01-07 12:51 UTC ...(truncated).... TRACEROUTE (using proto 1/icmp) ... I have seen UDP here once. But the proto has been stuck at icmp since. Regards, Sriram On Tue, Jan 6, 2015 at 07:46 PM, Daniel Miller wrote: On Tue, Jan 6, 2015 at 5:23 AM, wrote: Hi All, I need to replicate traceroute functionality using nmap. However, I find that nmap fails when used with UDP protocol. Here is the command output for a trace to google.com (http://google.com). Despite root escalation, I get the warning: Traceroute has to be run as root, disabling... Please advice. Thanks, Sriram R ------- # nmap -u --traceroute -sP 74.125130.101 Sriram, Nmap does not have a "-u" option. Because of the way GNU getopt works, this is translated into the only long option starting with a "u", namely "--unprivileged". This option tells Nmap to behave as though it did NOT have root permission, regardless of whether it actually does. That is why you get the message that traceroute requires root privilege. Instead, what you probably want is the "-PU" option, which tells Nmap to use a UDP packet for host discovery. The traceroute engine uses the "best" port or protocol available from previous stages, so you must limit previous stages (host discovery, in this case) to use UDP only. By default, this uses port 40125, but you can specify a different port by appending it to the option: -PU123 for example. One final note: Nmap 5.21 is 5 years old. The current version is 6.47. Dan
Attachment:
nmap_cmd_ICMP_traceroute.txt
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- UDP traceroute does not work to google.com sriram . r (Jan 06)
- Re: UDP traceroute does not work to google.com Daniel Miller (Jan 06)
- Re[2]: UDP traceroute does not work to google.com Sriram Rajan (Jan 07)
- Re: UDP traceroute does not work to google.com David Fifield (Jan 07)
- Re: Re[2]: UDP traceroute does not work to google.com Daniel Miller (Jan 07)
- Re[2]: UDP traceroute does not work to google.com Sriram Rajan (Jan 07)
- Re: UDP traceroute does not work to google.com Daniel Miller (Jan 06)