Post #1 (Mar 24 2006, 11:31 AM)
Group: Members; Posts: 6; Joined: 24-March 06; Member No.: 9,442
sl5500, OZ 3.5.3, latest opie
I've tried every nmap I can find, most install fine without errors. I can scan localhost, but anything else nmap hangs at the first output line "starting nmap ...". I'm thinking it might be a memory issue, I'm using the zImage-collie-32-32-20050407102515.bin image. I've tried all interfaces, eth0, usb0, wlan0. Got any other thoughts?

thanks, --cg

Post #2 (Mar 24 2006, 12:35 PM)
Group: Members; Posts: 1,284; Joined: 31-January 04; From: Vancouver, BC -> NYC, NY; Member No.: 1,633
and you can ping those targets?

Post #3 (Mar 24 2006, 01:07 PM)
Group: Members; Posts: 1,014; Joined: 4-January 05; From: Enschede, The Netherlands; Member No.: 6,107
QUOTE(captg @ Mar 24 2006, 07:31 PM)
> sl5500, OZ 3.5.3, latest opie
> I've tried every nmap I can find, most install fine without errors. I can scan localhost, but anything else nmap hangs at the first output line "starting nmap ...". I'm thinking it might be a memory issue, I'm using the zImage-collie-32-32-20050407102515.bin image. I've tried all interfaces, eth0, usb0, wlan0.

I've also had problems with nmap on my ipaq (with 128mb ram). A security-minded friend of mine said that nmap seems to have some strange issues on ARM cpus, so fingers crossed for the next version.

Post #4 (Mar 24 2006, 02:04 PM)
Group: Members; Posts: 6; Joined: 24-March 06; Member No.: 9,442
QUOTE(bluedevils @ Mar 24 2006, 11:35 AM)

yeah, fails with -P0, -sP, -sS... /proc for icmp is accept...for targets... on the wire I see it ping the target, poke at some ports, then ask for layer 2/3 addressing and then flat dead no packets.

```
#nmap -sS -e eth0 192.168.0.25
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-03-24 00:07 UTC
```

```
tcpdump -i eth0 host 192.168.0.25
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 68 bytes
00:06:54.667325 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 7704
00:06:54.667807 IP 192.168.0.25 > 192.168.0.130: icmp 8: echo reply seq 7704
00:06:54.675431 IP 192.168.0.130.43380 > 192.168.0.25.www: . ack 3922069406 win 2048
00:06:54.796964 IP 192.168.0.130.43356 > 192.168.0.25.https: S 2125676669:2125676669(0) win 3072
00:06:54.803189 IP 192.168.0.130.43356 > 192.168.0.25.domain: S 2125676669:2125676669(0) win 3072
00:06:54.809508 IP 192.168.0.130.43356 > 192.168.0.25.auth: S 2125676669:2125676669(0) win 4096
00:06:54.815894 IP 192.168.0.130.43356 > 192.168.0.25.1723: S 2125676669:2125676669(0) win 2048
00:06:54.822430 IP 192.168.0.130.43356 > 192.168.0.25.ldap: S 2125676669:2125676669(0) win 2048
00:06:54.828755 IP 192.168.0.130.43356 > 192.168.0.25.telnet: S 2125676669:2125676669(0) win 4096
00:06:54.835261 IP 192.168.0.130.43356 > 192.168.0.25.3389: S 2125676669:2125676669(0) win 1024
00:06:54.841629 IP 192.168.0.130.43356 > 192.168.0.25.smtp: S 2125676669:2125676669(0) win 2048
00:06:54.847946 IP 192.168.0.130.43356 > 192.168.0.25.ssh: S 2125676669:2125676669(0) win 3072
00:06:54.854622 IP 192.168.0.130.43356 > 192.168.0.25.www: S 2125676669:2125676669(0) win 1024

00:07:16.254179 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 59736
00:07:16.254814 IP 192.168.0.25 > 192.168.0.130: icmp 8: echo reply seq 59736
00:07:16.266435 IP 192.168.0.130.58233 > 192.168.0.25.www: . ack 2559982174 win 3072
00:07:16.394403 IP 192.168.0.130.58212 > 192.168.0.25.smtp: S 2450382704:2450382704(0) win 2048
00:07:16.400623 IP 192.168.0.130.58212 > 192.168.0.25.1723: S 2450382704:2450382704(0) win 3072
00:07:16.406919 IP 192.168.0.130.58212 > 192.168.0.25.ldap: S 2450382704:2450382704(0) win 1024
00:07:16.413628 IP 192.168.0.130.58212 > 192.168.0.25.domain: S 2450382704:2450382704(0) win 3072
00:07:16.419744 IP 192.168.0.130.58212 > 192.168.0.25.3389: S 2450382704:2450382704(0) win 4096
00:07:16.426406 IP 192.168.0.130.58212 > 192.168.0.25.www: S 2450382704:2450382704(0) win 2048
00:07:16.432755 IP 192.168.0.130.58212 > 192.168.0.25.auth: S 2450382704:2450382704(0) win 1024
00:07:16.439136 IP 192.168.0.130.58212 > 192.168.0.25.ftp: S 2450382704:2450382704(0) win 1024
00:07:16.445654 IP 192.168.0.130.58212 > 192.168.0.25.ssh: S 2450382704:2450382704(0) win 2048
00:07:16.458030 IP 192.168.0.130.58212 > 192.168.0.25.rtsp: S 2450382704:2450382704(0) win 3072
00:07:21.250052 arp who-has 192.168.0.25 tell 192.168.0.130
00:07:21.250616 arp reply 192.168.0.25 is-at 00:0c:29:1f:ae:92
```

The space between streams is a second run of nmap. I'm thinking maybe interface adjustments or something of that nature...

cg
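
An added example, not part of any post in this thread: a small Python parser for tcpdump text output in the format shown above, listing which SYN probes never received a TCP reply (SYN/ACK or RST) from the target. The capture excerpt is copied from the post; the function name `unanswered_syns` is an assumption of this example.

```python
import re
from collections import defaultdict

# Excerpt of the first run in the capture posted above (shortened).
CAPTURE = """\
00:06:54.667325 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 7704
00:06:54.667807 IP 192.168.0.25 > 192.168.0.130: icmp 8: echo reply seq 7704
00:06:54.675431 IP 192.168.0.130.43380 > 192.168.0.25.www: . ack 3922069406 win 2048
00:06:54.796964 IP 192.168.0.130.43356 > 192.168.0.25.https: S 2125676669:2125676669(0) win 3072
00:06:54.803189 IP 192.168.0.130.43356 > 192.168.0.25.domain: S 2125676669:2125676669(0) win 3072
00:06:54.847946 IP 192.168.0.130.43356 > 192.168.0.25.ssh: S 2125676669:2125676669(0) win 3072
"""

# Text form used in the post: time IP src.sport > dst.dport: flags ...
# Ports may be numeric or service names (www, ssh, ...).
TCP_RE = re.compile(
    r"^\S+ IP (\d+\.\d+\.\d+\.\d+)\.([\w-]+) > "
    r"(\d+\.\d+\.\d+\.\d+)\.([\w-]+): (\S+)"
)


def unanswered_syns(capture, scanner, target):
    """Return {scanner_source_port: [service, ...]} for SYNs with no TCP reply."""
    probes = defaultdict(list)  # scanner source port -> probed services
    answered = set()            # (scanner source port, service) pairs
    for line in capture.splitlines():
        m = TCP_RE.match(line)
        if not m:
            continue            # ICMP, ARP and other lines carry no TCP ports
        src, sport, dst, dport, flags = m.groups()
        if src == scanner and dst == target and flags == "S":
            probes[sport].append(dport)
        elif src == target and dst == scanner:
            # Any TCP segment coming back counts: SYN/ACK (open) or RST (closed).
            answered.add((dport, sport))
    return {
        sp: [svc for svc in svcs if (sp, svc) not in answered]
        for sp, svcs in probes.items()
    }


if __name__ == "__main__":
    for sp, svcs in unanswered_syns(CAPTURE, "192.168.0.130", "192.168.0.25").items():
        print(f"source port {sp}: no reply from {', '.join(svcs)}")
```

Run on the excerpt, every SYN probe from source port 43356 is reported as unanswered; the only packet the target sent back in that run is the ICMP echo reply.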

Post #5 (Mar 26 2006, 12:31 AM)
Group: Members; Posts: 6; Joined: 24-March 06; Member No.: 9,442
Here's what I've found for the sl5500 and nmap 3.81.

options -sS and -sT against a packet dropping firewall hangs nmap
option -sS against a packet rejecting firewall (xp) hangs nmap
no firewall on victim = works.

Any ideas?

--cg

Post #6 (Mar 29 2006, 02:49 PM)
Group: Members; Posts: 573; Joined: 8-June 05; Member No.: 7,295
I'm still on 3.00.
Not gonna change it, since it took 47 attempts to install it to start with.