Full Version: Nmap Is A Pain
captg
sl5500, OZ 3.5.3, latest opie

I've tried every nmap I can find, most install fine without errors. I can scan localhost, but anything else nmap hangs at the first output line "starting nmap ...". I'm thinking it might be a memory issue, I'm using the zImage-collie-32-32-20050407102515.bin image. I've tried all interfaces, eth0, usb0, wlan0.

Got any other thoughts?

thanks,
--cg
bluedevils
and you can ping those targets?
koen
QUOTE(captg @ Mar 24 2006, 07:31 PM)
sl5500, OZ 3.5.3, latest opie

I've tried every nmap I can find, most install fine without errors. I can scan localhost, but anything else nmap hangs at the first output line "starting nmap ...". I'm thinking it might be a memory issue, I'm using the zImage-collie-32-32-20050407102515.bin image. I've tried all interfaces, eth0, usb0, wlan0.


I've also had problems with nmap on my iPAQ (with 128 MB RAM). A security-minded friend of mine said that nmap seems to have some strange issues on ARM CPUs, so fingers crossed for the next version.
captg
QUOTE(bluedevils @ Mar 24 2006, 11:35 AM)
and you can ping those targets?


yeah, fails with -P0, -sP, -sS...

/proc for icmp is accept...for targets...

on the wire I see it ping the target, poke at some ports, then ask for layer 2/3 addressing and then flat dead no packets.

#nmap -sS -e eth0 192.168.0.25

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-03-24 00:07 UTC


tcpdump -i eth0 host 192.168.0.25
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 68 bytes
00:06:54.667325 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 7704
00:06:54.667807 IP 192.168.0.25 > 192.168.0.130: icmp 8: echo reply seq 7704
00:06:54.675431 IP 192.168.0.130.43380 > 192.168.0.25.www: . ack 3922069406 win 2048
00:06:54.796964 IP 192.168.0.130.43356 > 192.168.0.25.https: S 2125676669:2125676669(0) win 3072
00:06:54.803189 IP 192.168.0.130.43356 > 192.168.0.25.domain: S 2125676669:2125676669(0) win 3072
00:06:54.809508 IP 192.168.0.130.43356 > 192.168.0.25.auth: S 2125676669:2125676669(0) win 4096
00:06:54.815894 IP 192.168.0.130.43356 > 192.168.0.25.1723: S 2125676669:2125676669(0) win 2048
00:06:54.822430 IP 192.168.0.130.43356 > 192.168.0.25.ldap: S 2125676669:2125676669(0) win 2048
00:06:54.828755 IP 192.168.0.130.43356 > 192.168.0.25.telnet: S 2125676669:2125676669(0) win 4096
00:06:54.835261 IP 192.168.0.130.43356 > 192.168.0.25.3389: S 2125676669:2125676669(0) win 1024
00:06:54.841629 IP 192.168.0.130.43356 > 192.168.0.25.smtp: S 2125676669:2125676669(0) win 2048
00:06:54.847946 IP 192.168.0.130.43356 > 192.168.0.25.ssh: S 2125676669:2125676669(0) win 3072
00:06:54.854622 IP 192.168.0.130.43356 > 192.168.0.25.www: S 2125676669:2125676669(0) win 1024

00:07:16.254179 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 59736
00:07:16.254814 IP 192.168.0.25 > 192.168.0.130: icmp 8: echo reply seq 59736
00:07:16.266435 IP 192.168.0.130.58233 > 192.168.0.25.www: . ack 2559982174 win 3072
00:07:16.394403 IP 192.168.0.130.58212 > 192.168.0.25.smtp: S 2450382704:2450382704(0) win 2048
00:07:16.400623 IP 192.168.0.130.58212 > 192.168.0.25.1723: S 2450382704:2450382704(0) win 3072
00:07:16.406919 IP 192.168.0.130.58212 > 192.168.0.25.ldap: S 2450382704:2450382704(0) win 1024
00:07:16.413628 IP 192.168.0.130.58212 > 192.168.0.25.domain: S 2450382704:2450382704(0) win 3072
00:07:16.419744 IP 192.168.0.130.58212 > 192.168.0.25.3389: S 2450382704:2450382704(0) win 4096
00:07:16.426406 IP 192.168.0.130.58212 > 192.168.0.25.www: S 2450382704:2450382704(0) win 2048
00:07:16.432755 IP 192.168.0.130.58212 > 192.168.0.25.auth: S 2450382704:2450382704(0) win 1024
00:07:16.439136 IP 192.168.0.130.58212 > 192.168.0.25.ftp: S 2450382704:2450382704(0) win 1024
00:07:16.445654 IP 192.168.0.130.58212 > 192.168.0.25.ssh: S 2450382704:2450382704(0) win 2048
00:07:16.458030 IP 192.168.0.130.58212 > 192.168.0.25.rtsp: S 2450382704:2450382704(0) win 3072
00:07:21.250052 arp who-has 192.168.0.25 tell 192.168.0.130
00:07:21.250616 arp reply 192.168.0.25 is-at 00:0c:29:1f:ae:92


The space between streams is a second run of nmap. I'm thinking maybe interface adjustments or something of that nature...

cg
captg
Here's what I've found for the SL5500 and nmap 3.81.

options -sS and -sT against a packet-dropping firewall hang nmap
option -sS against a packet-rejecting firewall (XP) hangs nmap

no firewall on victim = works.

Any ideas?



--cg
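The findings above (drop = hang, reject = hang for -sS, no firewall = works) can be confirmed from a capture like the one earlier in the thread without relying on the scanner's own output. The script below is an added example, not code from the thread or from the nmap project: it parses the tcpdump 3.x one-line TCP format shown above, records every SYN the scanning host sends, and then classifies each probed port as "open" (SYN/ACK came back), "closed" (RST came back) or "filtered" (nothing came back, which is what a silently dropping firewall looks like on the wire). The first lines of the sample are copied from the thread's capture; the last two reply lines are constructed, because the thread's capture contains no replies at all, and are marked as such.

```python
import re
from collections import Counter

# Sample capture. The SYN lines are copied from the thread's tcpdump output;
# the final two reply lines are CONSTRUCTED so that all three outcomes appear
# (the thread's own capture has no replies, i.e. every port would be "filtered").
SAMPLE = """\
00:06:54.667325 IP 192.168.0.130 > 192.168.0.25: icmp 8: echo request seq 7704
00:06:54.667807 IP 192.168.0.25 > 192.168.0.130: icmp 8: echo reply seq 7704
00:06:54.675431 IP 192.168.0.130.43380 > 192.168.0.25.www: . ack 3922069406 win 2048
00:06:54.796964 IP 192.168.0.130.43356 > 192.168.0.25.https: S 2125676669:2125676669(0) win 3072
00:06:54.803189 IP 192.168.0.130.43356 > 192.168.0.25.domain: S 2125676669:2125676669(0) win 3072
00:06:54.847946 IP 192.168.0.130.43356 > 192.168.0.25.ssh: S 2125676669:2125676669(0) win 3072
00:06:54.854622 IP 192.168.0.130.43356 > 192.168.0.25.www: S 2125676669:2125676669(0) win 1024
00:06:54.855100 IP 192.168.0.25.www > 192.168.0.130.43356: S 100:100(0) ack 2125676670 win 5840
00:06:54.860000 IP 192.168.0.25.domain > 192.168.0.130.43356: R 0:0(0) ack 2125676670 win 0
00:07:21.250052 arp who-has 192.168.0.25 tell 192.168.0.130
"""

# tcpdump 3.x TCP line: "<ts> IP <src>.<sport> > <dst>.<dport>: <flags> <rest>"
# <flags> is one or more of S R P F . ; the ACK flag shows up as the word "ack" in <rest>.
TCP_RE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\S+) > (?P<dst>\S+): (?P<flags>[SRPF.]+) (?P<rest>.*)$"
)


def split_endpoint(endpoint):
    """'192.168.0.25.https' -> ('192.168.0.25', 'https'); ports may be names or numbers."""
    host, port = endpoint.rsplit(".", 1)
    return host, port


def classify_probes(capture, scanner, target):
    """Map each target port the scanner sent a bare SYN to -> 'open' | 'closed' | 'filtered'.

    A port starts as 'filtered' when its SYN is seen and is upgraded only if the
    target answers: SYN+ACK -> 'open', RST -> 'closed'. ICMP and ARP lines are skipped.
    """
    results = {}
    for line in capture.splitlines():
        m = TCP_RE.match(line)
        if not m:
            continue  # icmp / arp / blank lines do not match the TCP pattern
        src_host, src_port = split_endpoint(m["src"])
        dst_host, dst_port = split_endpoint(m["dst"])
        flags = m["flags"]
        has_ack = "ack" in m["rest"].split()

        # Outbound bare SYN from the scanner: register the probe as unanswered so far.
        if src_host == scanner and dst_host == target and flags == "S" and not has_ack:
            results.setdefault(dst_port, "filtered")
        # Reply from the target on a port we probed: decide open vs. closed.
        elif src_host == target and dst_host == scanner and src_port in results:
            if "S" in flags and has_ack:
                results[src_port] = "open"
            elif "R" in flags:
                results[src_port] = "closed"
    return results


def summarize(results):
    """Count ports per outcome, e.g. {'open': 1, 'closed': 1, 'filtered': 2}."""
    return dict(Counter(results.values()))


def verdict(results):
    """One-line reading of the capture from the scanned host's point of view."""
    counts = summarize(results)
    if results and counts.get("filtered", 0) == len(results):
        return "every SYN went unanswered: the host or a firewall in front of it drops probes silently"
    if counts.get("filtered", 0) == 0:
        return "every SYN was answered: no silent filtering in the path"
    return "mixed: some ports answer, some are silently dropped"


if __name__ == "__main__":
    ports = classify_probes(SAMPLE, "192.168.0.130", "192.168.0.25")
    for port, state in sorted(ports.items()):
        print(f"{port:>8}  {state}")
    print(summarize(ports))
    print(verdict(ports))
```

Running it on the thread's unmodified capture (every line except the two constructed replies) yields "filtered" for every port and the first verdict, which matches the "packet-dropping firewall hangs nmap" observation: the scanner is waiting on answers that never arrive. On a host that rejects instead of drops, the same parser reports "closed" because the RSTs are visible on the wire.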
Ferret-Simpson
I'm still on 3.00.

Not gonna change it, since it took 47 attempts to install it to start with.