Date: Sun, 30 Sep 2007 22:22:56 -0700 From: "Mark D. Foster" <mark@foster.cc> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/116778: nmap ping-scan misses some hosts Message-ID: <47008430.1030808@foster.cc> Resent-Message-ID: <200710010530.l915U21m044353@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 116778 >Category: ports >Synopsis: nmap ping-scan misses some hosts >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Oct 01 05:30:02 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Mark Foster >Release: FreeBSD 5.5-RELEASE-p15 i386 >Organization: >Environment: System: FreeBSD franco.foster.dmz 5.5-RELEASE-p15 FreeBSD 5.5-RELEASE-p15 #23: Thu Aug 2 02:47:53 PDT 2007 root@franco.foster.dmz:/usr/obj/usr/src/sys/FRANCO1 i386 FreeBSD sonar.foster.dmz 6.2-RELEASE-p6 FreeBSD 6.2-RELEASE-p6 #2: Fri Jul 13 02:58:24 PDT 2007 root@sonar.foster.dmz:/usr/obj/usr/src/sys/GENERIC sparc64 >Description: Using nmap to ping-scan a network range gives inconsistent results. Certain hosts that are definitely UP are recognized as down when using a "range". This seems to be specific to FreeBSD as the same version of nmap (4.20) on a linux box correctly sees the hosts as UP. >How-To-Repeat: Hosts 192.168.1.1, .2 and .3 are all UP. nmap -sP -PE 192.168.1.1-3 Result on FreeBSD: (flavors seen above) Starting Nmap 4.20 ( http://insecure.org ) at 2007-09-30 22:10 PDT Host HORTON.foster.dmz (192.168.1.2) appears to be up. MAC Address: 00:B0:D0:47:76:48 (Dell Computer) Nmap finished: 3 IP addresses (1 host up) scanned in 0.887 seconds Result on Linux: Starting Nmap 4.20 ( http://insecure.org ) at 2007-09-30 22:12 PDT Host gw.foster.dmz (192.168.1.1) appears to be up. MAC Address: 00:0F:B5:1F:89:D2 (Netgear) Host HORTON.foster.dmz (192.168.1.2) appears to be up. MAC Address: 00:B0:D0:47:76:48 (Dell Computer) Host franco.foster.dmz (192.168.1.3) appears to be up. MAC Address: 00:B0:D0:7E:6C:7E (Dell Computer) Nmap finished: 3 IP addresses (3 hosts up) scanned in 0.203 seconds The 192.168.1.1 host is not seen be FreeBSD. Same holds true for another host 192.168.1.11. Also, if I run nmap -sP -PE 192.168.1.1 on FreeBSD it DOES see the host as UP which is correct. /tmp root@franco>nmap -sP -PE 192.168.1.1 Starting Nmap 4.20 ( http://insecure.org ) at 2007-09-30 22:20 PDT Host gw.foster.dmz (192.168.1.1) appears to be up. MAC Address: 00:0F:B5:1F:89:D2 (Netgear) Nmap finished: 1 IP address (1 host up) scanned in 0.435 seconds >Fix: Unknown, but I am happy to offer tcpdump or ktrace or any other output if it helps. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47008430.1030808>