From owner-freebsd-security@FreeBSD.ORG Thu Feb 9 12:08:45 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 55C2016A420 for ; Thu, 9 Feb 2006 12:08:45 +0000 (GMT) (envelope-from andy@tcpd.net) Received: from mx1.out.mail.glbx.net (mx1.out.mail.glbx.net [80.76.201.105]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4831F43D76 for ; Thu, 9 Feb 2006 12:08:41 +0000 (GMT) (envelope-from andy@tcpd.net) Received: from hydrogen.glbx.net ([80.76.194.12] helo=[172.16.0.12]) by mx1.mail.glbx.net with esmtpsa (Exim 4.60; TLSv1:RC4-SHA:128) id 1F7AbF-0005tD-4M; Thu, 09 Feb 2006 12:08:37 +0000 In-Reply-To: <20060208180524.57968.qmail@web52110.mail.yahoo.com> References: <20060208180524.57968.qmail@web52110.mail.yahoo.com> Mime-Version: 1.0 (Apple Message framework v746.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <35556F4C-AEBF-446B-8F79-0DC533465751@tcpd.net> Content-Transfer-Encoding: 7bit From: Andrew Gilligan Date: Thu, 9 Feb 2006 12:08:34 +0000 To: freebsd-security@freebsd.org X-Mailer: Apple Mail (2.746.2) X-Mailman-Approved-At: Thu, 09 Feb 2006 12:41:40 +0000 Cc: gahn Subject: Re: nnamp question X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2006 12:08:45 -0000 On 8 Feb 2006, at 18:05, gahn wrote: > Thanks Tim: > > well, the real interface is rl0...:) sorry for the > confusion. > > the problem is that the nmap seems to have mind of its > own and stick with em0: > > sis# nmap -e rl0 -v -sP 192.168.126.0/23 > > Starting Nmap 3.95 ( http://www.insecure.org/nmap/ ) > at 2006-02-08 12:01 CST > getinterfaces: Failed to open ethernet interface (em0) > QUITTING! > > It has 4 interfacres but nmap just sticks with em0. i > am lost ... It could be that you're running out of BPF devices. With recent versions of nmap, I needed to create 11 entries in /dev before I could get it to work. The machine in question was FreeBSD 4.11 with 4 physical interfaces. To check, run nmap through truss: truss nmap -e rl0 -sP 192.168.126.0/23 And look for something like: open("/dev/bpf4",0x1,027757740460) ERR#16 'Device busy' open("/dev/bpf5",0x1,027757740460) ERR#16 'Device busy' open("/dev/bpf6",0x1,027757740460) ERR#2 'No such file or directory' If you see that, then just add any BPF devices you need: cd /dev && sh ./MAKEDEV bpf6 Regards, -Andy