> Nmap Is A Pain
captg
post Mar 24 2006, 11:31 AM
Post #1





Group: Members
Posts: 6
Joined: 24-March 06
Member No.: 9,442



sl5500, OZ 3.5.3, latest opie

I've tried every nmap I can find, most install fine without errors. I can scan localhost, but anything else nmap hangs at the first output line "starting nmap ...". I'm thinking it might be a memory issue, I'm using the zImage-collie-32-32-20050407102515.bin image. I've tried all interfaces, eth0, usb0, wlan0.

Got any other thoughts?

thanks,
--cg
bluedevils
post Mar 24 2006, 12:35 PM
Post #2





Group: Members
Posts: 1,284
Joined: 31-January 04
From: Vancouver, BC -> NYC, NY
Member No.: 1,633



and you can ping those targets?
koen
post Mar 24 2006, 01:07 PM
Post #3





Group: Members
Posts: 1,014
Joined: 4-January 05
From: Enschede, The Netherlands
Member No.: 6,107



QUOTE(captg @ Mar 24 2006, 07:31 PM)
sl5500, OZ 3.5.3, latest opie

I've tried every nmap I can find, most install fine without errors. I can scan localhost, but anything else nmap hangs at the first output line "starting nmap ...". I'm thinking it might be a memory issue, I'm using the zImage-collie-32-32-20050407102515.bin image. I've tried all interfaces, eth0, usb0, wlan0.
*


I've also had problems with nmap on my ipaq (with 128mb ram). A security-minded friend of mine said that nmap seems to have some strange issues on ARM cpus, so fingers crossed for the next version.
captg
post Mar 24 2006, 02:04 PM
Post #4





Group: Members
Posts: 6
Joined: 24-March 06
Member No.: 9,442



QUOTE(bluedevils @ Mar 24 2006, 11:35 AM)
and you can ping those targets?
*


yeah, fails with -P0, -sP, -sS...

/proc for icmp is accept...for targets...

on the wire I see it ping the target, poke at some ports, then ask for layer 2/3 addressing and then flat dead no packets.

#nmap -sS -e eth0 192.168.0.25

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-03-24 00:07 UTC


tcpdump -i eth0 host 192.168.0.25
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 68 bytes
00:06:54.667325 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 7704
00:06:54.667807 IP 192.168.0.25 > 192.168.0.130: icmp 8: echo reply seq 7704
00:06:54.675431 IP 192.168.0.130.43380 > 192.168.0.25.www: . ack 3922069406 win 2048
00:06:54.796964 IP 192.168.0.130.43356 > 192.168.0.25.https: S 2125676669:2125676669(0) win 3072
00:06:54.803189 IP 192.168.0.130.43356 > 192.168.0.25.domain: S 2125676669:2125676669(0) win 3072
00:06:54.809508 IP 192.168.0.130.43356 > 192.168.0.25.auth: S 2125676669:2125676669(0) win 4096
00:06:54.815894 IP 192.168.0.130.43356 > 192.168.0.25.1723: S 2125676669:2125676669(0) win 2048
00:06:54.822430 IP 192.168.0.130.43356 > 192.168.0.25.ldap: S 2125676669:2125676669(0) win 2048
00:06:54.828755 IP 192.168.0.130.43356 > 192.168.0.25.telnet: S 2125676669:2125676669(0) win 4096
00:06:54.835261 IP 192.168.0.130.43356 > 192.168.0.25.3389: S 2125676669:2125676669(0) win 1024
00:06:54.841629 IP 192.168.0.130.43356 > 192.168.0.25.smtp: S 2125676669:2125676669(0) win 2048
00:06:54.847946 IP 192.168.0.130.43356 > 192.168.0.25.ssh: S 2125676669:2125676669(0) win 3072
00:06:54.854622 IP 192.168.0.130.43356 > 192.168.0.25.www: S 2125676669:2125676669(0) win 1024

00:07:16.254179 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 59736
00:07:16.254814 IP 192.168.0.25 > 192.168.0.130: icmp 8: echo reply seq 59736
00:07:16.266435 IP 192.168.0.130.58233 > 192.168.0.25.www: . ack 2559982174 win 3072
00:07:16.394403 IP 192.168.0.130.58212 > 192.168.0.25.smtp: S 2450382704:2450382704(0) win 2048
00:07:16.400623 IP 192.168.0.130.58212 > 192.168.0.25.1723: S 2450382704:2450382704(0) win 3072
00:07:16.406919 IP 192.168.0.130.58212 > 192.168.0.25.ldap: S 2450382704:2450382704(0) win 1024
00:07:16.413628 IP 192.168.0.130.58212 > 192.168.0.25.domain: S 2450382704:2450382704(0) win 3072
00:07:16.419744 IP 192.168.0.130.58212 > 192.168.0.25.3389: S 2450382704:2450382704(0) win 4096
00:07:16.426406 IP 192.168.0.130.58212 > 192.168.0.25.www: S 2450382704:2450382704(0) win 2048
00:07:16.432755 IP 192.168.0.130.58212 > 192.168.0.25.auth: S 2450382704:2450382704(0) win 1024
00:07:16.439136 IP 192.168.0.130.58212 > 192.168.0.25.ftp: S 2450382704:2450382704(0) win 1024
00:07:16.445654 IP 192.168.0.130.58212 > 192.168.0.25.ssh: S 2450382704:2450382704(0) win 2048
00:07:16.458030 IP 192.168.0.130.58212 > 192.168.0.25.rtsp: S 2450382704:2450382704(0) win 3072
00:07:21.250052 arp who-has 192.168.0.25 tell 192.168.0.130
00:07:21.250616 arp reply 192.168.0.25 is-at 00:0c:29:1f:ae:92


The space between streams is a second run of nmap. I'm thinking maybe interface adjustments or something of that nature...

cg
captg
post Mar 26 2006, 12:31 AM
Post #5





Group: Members
Posts: 6
Joined: 24-March 06
Member No.: 9,442



Here's what I've found for the sl5500 and nmap 3.81.

options -sS and -sT against a packet dropping firewall hangs nmap
option -sS against a packet rejecting firewall (xp) hangs nmap

no firewall on victim = works.

Any ideas?



--cg
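
Added example, not part of the thread: a Python check that pairs each SYN probe in an old-style tcpdump capture (the format shown in post #4) with any SYN/ACK or RST that came back, so the capture can be compared with the firewall finding in post #5. The function names and the two reply lines are constructed for illustration; the other sample lines are copied from post #4.

```python
import re

# Old-style tcpdump TCP line: "<time> IP <src>.<sport> > <dst>.<dport>: <flags> <rest>"
TCP_LINE = re.compile(
    r"^\S+ IP (\d+\.\d+\.\d+\.\d+)\.(\S+) > (\d+\.\d+\.\d+\.\d+)\.(\S+): (\S+) (.*)$"
)

# Sample lines copied from the capture in post #4.
POST4_LINES = """\
00:06:54.667325 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 7704
00:06:54.675431 IP 192.168.0.130.43380 > 192.168.0.25.www: . ack 3922069406 win 2048
00:06:54.796964 IP 192.168.0.130.43356 > 192.168.0.25.https: S 2125676669:2125676669(0) win 3072
00:06:54.847946 IP 192.168.0.130.43356 > 192.168.0.25.ssh: S 2125676669:2125676669(0) win 3072
00:06:54.854622 IP 192.168.0.130.43356 > 192.168.0.25.www: S 2125676669:2125676669(0) win 1024
"""

# Constructed reply lines (not from the thread) showing what an unfiltered target adds.
CONSTRUCTED_REPLIES = """\
00:06:54.848500 IP 192.168.0.25.ssh > 192.168.0.130.43356: S 1000:1000(0) ack 2125676670 win 5840
00:06:54.855100 IP 192.168.0.25.www > 192.168.0.130.43356: R 0:0(0) ack 2125676670 win 0
"""


def classify_syn_probes(capture, scanner, target):
    """Map each SYN-probed target port to open / closed / no-response."""
    sent = set()   # (scanner port, target port) pairs seen in SYN probes
    states = {}    # target port -> state, in probe order
    for line in capture.splitlines():
        m = TCP_LINE.match(line)
        if not m:
            continue  # ICMP, ARP and blank lines are not TCP segments
        src, sport, dst, dport, flags, rest = m.groups()
        has_ack = "ack" in rest.split()
        if (src, dst) == (scanner, target) and flags == "S" and not has_ack:
            sent.add((sport, dport))
            states.setdefault(dport, "no-response")
        elif (src, dst) == (target, scanner) and (dport, sport) in sent:
            if "R" in flags:
                states[sport] = "closed"
            elif "S" in flags and has_ack:
                states[sport] = "open"
    return states


def all_filtered(states):
    """True when probes were sent and none of them drew a TCP reply."""
    return bool(states) and all(s == "no-response" for s in states.values())
```

Run over the lines from post #4, every probed port comes back as no-response: the target answered the ICMP echo but sent nothing back for any SYN.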
Ferret-Simpson
post Mar 29 2006, 02:49 PM
Post #6





Group: Members
Posts: 573
Joined: 8-June 05
Member No.: 7,295



I'm still on 3.00.

Not gonna change it, since it took 47 attempts to install it to start with.
