Subject: RE: Latest NMAP & the cisco VPN client... - msg#00035
List: security.nmap.devel
IIRC I was able to get some functionality by forcing nmap to send the traffic
through my local ethernet interface and it forwarded the traffic through the
VPN. It's been a while since I did that so your mileage may vary.
-----Original Message-----
From: nmap-dev-bounces@xxxxxxxxxxxx on behalf of kx
Sent: Fri 2/9/07 8:50 PM
To: Hines,Colin Mack; Craig Humphrey; Saro Hayan
Cc: nmap-dev@xxxxxxxxxxxx; Padgett,Phil
Subject: Re: Latest NMAP & the cisco VPN client...
Colin,
WinPcap can't transmit over a VPN. See:
http://seclists.org/nmap-dev/2006/q3/0438.html
You might try --unprivileged which should allow things like Connect
scans to work.
Cheers,
kx
On 2/9/07, Hines,Colin Mack <cmhines@xxxxxxx> wrote:
>
> Running XP sp2 / all latest patches and IE7.
>
> Cisco VPN Client 4.6.02.0011 using ipsec/tcp
> Nmap for windows v4.20 downloaded today from insecure.org
>
> It seems that nmap is not correctly enumerating all the local routes
> provided by the cisco vpn client. Here is my current route print
> output...
>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at
http://SecLists.Org
Thread at a glance:
Previous Message by Date:
Re: Print "MAC Address:" -lines for local interfaces (feature request)
Toni Ruottu wrote:
> Hi.
>
> Nmap already prints out mac addresses for remote interfaces on the same
> LAN, so it might as well print similar lines for local interfaces.
>
> --Toni Ruottu
>
Have you tried --iflist? Or do you mean something else, like print the
local MAC address after a scan?
Thanks,
Kris Katterjohn
Next Message by Date:
A Mac OS X build of Nmap
Hi there,
First of all, I'd like to thank you guys for creating Nmap. It's
one of the best apps ever !
Whatsoever, it appears that Mac OS X (10.4 Tiger, at least) has all
the dependencies needed to run Nmap. So using Fink only for Nmap is a
bit overkill. I personally don't really like Fink whatsoever, so I
made up an Nmap ".pkg" (the standard package format on Mac OS X).
This version is the latest stable version (4.20 AFAIK), and is
built as a Universal Binary (Intel and PowerPC arch). It's really
easy to install (basically all you have to do is double-click and
authenticate), and it put all the files in the right place (for
example, on OS X, man pages go in /usr/share/man/)
I can put it online if you want - which I think you will, given
that you do publish binaries for Nmap.
- Romain
Previous Message by Thread:
Re: Latest NMAP & the cisco VPN client...
Colin,
WinPcap can't transmit over a VPN. See:
http://seclists.org/nmap-dev/2006/q3/0438.html
You might try --unprivileged which should allow things like Connect
scans to work.
Cheers,
kx
On 2/9/07, Hines,Colin Mack <cmhines@xxxxxxx> wrote:
>
> Running XP sp2 / all latest patches and IE7.
>
> Cisco VPN Client 4.6.02.0011 using ipsec/tcp
> Nmap for windows v4.20 downloaded today from insecure.org
>
> It seems that nmap is not correctly enumerating all the local routes
> provided by the cisco vpn client. Here is my current route print
> output...
>
> C:\Program Files\Nmap>route print
> ===========================================================================
> Interface List
> 0x1 ........................... MS TCP Loopback interface
> 0x2 ...00 13 72 c6 f2 2b ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
> 0x10004 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter - Packet Scheduler Miniport
> ===========================================================================
> ===========================================================================
> Active Routes:
> Network Destination  Netmask          Gateway         Interface       Metric
> 0.0.0.0              0.0.0.0          10.241.22.1     10.241.23.222   20
> 10.5.135.0           255.255.255.0    10.228.255.129  10.228.255.129  1
> 10.5.176.0           255.255.240.0    10.228.255.129  10.228.255.129  1
> 10.5.192.0           255.255.240.0    10.228.255.129  10.228.255.129  1
> 10.227.208.0         255.255.255.0    10.228.255.129  10.228.255.129  1
> 10.228.255.0         255.255.255.0    10.228.255.129  10.228.255.129  1
> 10.228.255.128       255.255.255.128  10.228.255.129  10.228.255.129  10
> 10.228.255.129       255.255.255.255  127.0.0.1       127.0.0.1       10
> 10.241.22.0          255.255.254.0    10.241.23.222   10.241.23.222   20
> 10.241.22.0          255.255.254.0    10.228.255.129  10.228.255.129  1
> 10.241.23.7          255.255.255.255  10.241.23.222   10.241.23.222   1
> 10.241.23.222        255.255.255.255  127.0.0.1       127.0.0.1       20
> 10.255.255.255       255.255.255.255  10.228.255.129  10.228.255.129  10
> 10.255.255.255       255.255.255.255  10.241.23.222   10.241.23.222   20
> 127.0.0.0            255.0.0.0        127.0.0.1       127.0.0.1       1
> 128.227.0.144        255.255.255.240  10.228.255.129  10.228.255.129  1
> 128.227.21.0         255.255.255.192  10.228.255.129  10.228.255.129  1
> 128.227.75.224       255.255.255.240  10.228.255.129  10.228.255.129  1
> 128.227.128.0        255.255.255.0    10.228.255.129  10.228.255.129  1
> 128.227.138.0        255.255.255.0    10.228.255.129  10.228.255.129  1
> 128.227.156.0        255.255.255.0    10.228.255.129  10.228.255.129  1
> 128.227.166.117      255.255.255.255  10.241.22.1     10.241.23.222   1
> 128.227.187.192      255.255.255.192  10.228.255.129  10.228.255.129  1
> 128.227.208.0        255.255.255.0    10.228.255.129  10.228.255.129  1
> 224.0.0.0            240.0.0.0        10.228.255.129  10.228.255.129  10
> 224.0.0.0            240.0.0.0        10.241.23.222   10.241.23.222   20
> 255.255.255.255      255.255.255.255  10.228.255.129  10.228.255.129  1
> 255.255.255.255      255.255.255.255  10.241.23.222   10.241.23.222   1
> Default Gateway: 10.241.22.1
> ===========================================================================
> Persistent Routes:
> None
> Now, here is my nmap --iflist output...
>
> C:\Program Files\Nmap>nmap --iflist
>
> Starting Nmap 4.20 ( http://insecure.org ) at 2007-02-09 11:12 Eastern Standard Time
> ************************INTERFACES************************
> DEV (SHORT) IP/MASK TYPE UP MAC
> eth0 (eth0) 10.241.23.222/23 ethernet up 00:13:72:C6:F2:2B
> eth1 (eth1) 10.228.255.129/25 ethernet up 00:05:9A:3C:78:00
> lo0 (lo0) 127.0.0.1/8 loopback up
>
> **************************ROUTES**************************
> DST/MASK DEV GATEWAY
> 255.255.255.255/32 eth1 10.228.255.129
> 128.227.166.117/32 eth0 10.241.22.1
> 10.255.255.255/32 eth0 10.241.23.222
> 10.255.255.255/32 eth1 10.228.255.129
> 10.241.23.222/32 lo0 127.0.0.1
> 10.241.23.7/32 eth0 10.241.23.222
> 10.228.255.129/32 lo0 127.0.0.1
> 255.255.255.255/32 eth0 10.241.23.222
> 128.227.75.224/4 eth1 10.228.255.129
> 128.227.0.144/4 eth1 10.228.255.129
> 128.227.21.0/2 eth1 10.228.255.129
> 128.227.187.192/2 eth1 10.228.255.129
> 10.228.255.128/1 eth1 10.228.255.129
> 128.227.208.0/0 eth1 10.228.255.129
> 10.5.135.0/0 eth1 10.228.255.129
> 10.227.208.0/0 eth1 10.228.255.129
> 10.228.255.0/0 eth1 10.228.255.129
> 128.227.156.0/0 eth1 10.228.255.129
> 128.227.128.0/0 eth1 10.228.255.129
> 128.227.138.0/0 eth1 10.228.255.129
> 10.241.22.0/0 eth1 10.228.255.129
> 10.241.22.0/0 eth0 10.241.23.222
> 10.5.176.0/0 eth1 10.228.255.129
> 10.5.192.0/0 eth1 10.228.255.129
> 127.0.0.0/0 lo0 127.0.0.1
> 224.0.0.0/0 eth1 10.228.255.129
> 224.0.0.0/0 eth0 10.241.23.222
> 0.0.0.0/0 eth0 10.241.22.1
>
>
> As far as I can tell, it seems to be doing some wacky stuff with the
> network masks. We noticed this issue when trying to nmap 10.5.177.x
> boxes and it was not sending it over the vpn, but sending it over the
> local network, eth0.
>
> Thanks!
>
> Colin M. Hines
> Infrastructure Team -=- UF Bridges
> cmhines@xxxxxxx -=- 352.871.7000
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org
>
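A cross-check of the two listings quoted above, as an added example that is not part of the original thread and is not Nmap's code. It compares the prefix lengths printed by `nmap --iflist` with the netmasks from `route print` for a subset of the rows, and runs a longest-prefix match over the OS table for 10.5.177.10, a sample host chosen here from the 10.5.177.x range mentioned in the report. The byte-swapped count is only an observation that reproduces the printed prefixes; the thread does not confirm it as the cause.

```python
import ipaddress

# Rows copied from the post: (destination, netmask, interface IP) as shown by
# `route print`, and the prefix `nmap --iflist` printed for the same route.
OS_ROUTES = [
    ("0.0.0.0", "0.0.0.0", "10.241.23.222"),
    ("10.5.176.0", "255.255.240.0", "10.228.255.129"),
    ("10.228.255.128", "255.255.255.128", "10.228.255.129"),
    ("10.241.22.0", "255.255.254.0", "10.241.23.222"),
    ("128.227.0.144", "255.255.255.240", "10.228.255.129"),
    ("128.227.21.0", "255.255.255.192", "10.228.255.129"),
    ("128.227.166.117", "255.255.255.255", "10.241.23.222"),
]
NMAP_PREFIX = {"0.0.0.0": 0, "10.5.176.0": 0, "10.228.255.128": 1,
               "10.241.22.0": 0, "128.227.0.144": 4, "128.227.21.0": 2,
               "128.227.166.117": 32}

def prefix_len(mask):
    """Correct prefix length for a dotted-quad netmask."""
    return ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen

def prefix_len_swapped(mask):
    """Leading one-bits when the mask's four bytes are read in reverse order."""
    value = int.from_bytes(ipaddress.ip_address(mask).packed[::-1], "big")
    return 32 - len(f"{value:032b}".lstrip("1"))

def mismatches():
    """Routes whose nmap-printed prefix disagrees with the OS netmask."""
    return [(dst, prefix_len(mask), NMAP_PREFIX[dst])
            for dst, mask, _ in OS_ROUTES
            if prefix_len(mask) != NMAP_PREFIX[dst]]

def swapped_explains_output():
    """True if the byte-swapped count reproduces every prefix nmap printed."""
    return all(prefix_len_swapped(mask) == NMAP_PREFIX[dst]
               for dst, mask, _ in OS_ROUTES)

def egress_interface(target):
    """Longest-prefix match over the OS table; returns the interface IP."""
    addr = ipaddress.ip_address(target)
    nets = [(ipaddress.ip_network(f"{dst}/{mask}"), iface)
            for dst, mask, iface in OS_ROUTES]
    return max((n for n in nets if addr in n[0]),
               key=lambda n: n[0].prefixlen)[1]

if __name__ == "__main__":
    for dst, want, got in mismatches():
        print(f"{dst}: OS netmask is /{want}, nmap printed /{got}")
    print("byte-swapped count matches nmap:", swapped_explains_output())
    print("10.5.177.10 should leave via", egress_interface("10.5.177.10"))
```

With the OS netmasks the sample host resolves to 10.228.255.129, the Cisco VPN adapter address, which is the interface the report expected the scan to use.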
Next Message by Thread:
Print "MAC Address:" -lines for local interfaces (feature request)
Hi.
Nmap already prints out mac addresses for remote interfaces on the same
LAN, so it might as well print similar lines for local interfaces.
--Toni Ruottu