VERY annoying nmap problem. (solved)
jason
jason at monsterjam.org
Sat Mar 29 08:35:24 PST 2003
yeah, I know the -sU is for UDP scans. Im using ipfw. Im 99.9% sure
my firewall rules didnt change from version to version of nmap, but damn,
youre right! scanning with my firewall disabled worked. Good catch. I
guess ill have to play with my ipfw rules now. Thanks.
Jason
On Sat, 29 Mar 2003, Dru wrote:
>
>
> On Sat, 29 Mar 2003, jason wrote:
>
> > This has been going on since version 3.0 of nmap for freebsd..
> >
> > su-2.05b# uname -a
> > FreeBSD monsterjam.org 4.8-RC FreeBSD 4.8-RC #0: Mon Mar 10 16:54:44
> >
> > su-2.05b# nmap -sU 10.1.1.10
> >
> > Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
> > sendto in send_udp_raw: sendto(3, packet, 28, 0, 10.1.1.10, 16) =>
> > Permission denied
> > Sleeping 15 seconds then retrying
> > ^Ccaught SIGINT signal, cleaning up
> > su-2.05b#
> >
> > this is nmap installed from the ports. I have tried it from source and get
> > the same thing. regular port scans work though
> >
> > su-2.05b# nmap 10.1.1.10
> >
> > Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
> > Interesting ports on bush (10.1.1.10):
> > (The 1595 ports scanned but not shown below are in state: closed)
> > Port State Service
> > 22/tcp open ssh
> > 111/tcp open sunrpc
> > 139/tcp open netbios-ssn
> > 631/tcp open ipp
> > 6000/tcp open X11
> > 32771/tcp open sometimes-rpc5
> >
> > Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
> > su-2.05b#
> >
> > I emailed fydor a few times and got no help.
> > anyone have any ideas? This used to work fine before 3.0
>
>
> What firewall are you using and what rules have you created for UDP?
> Using -sU (UDP scan) sends UDP packets. Whereas not specifying a switch
> assumes a full connect scan which uses TCP.
>
> Dru
>
More information about the freebsd-questions
mailing list