Nmap Hackers: nmap for windows fix


From: Andy Lutomirski <AMLuto_at_hotmail.com>
Date: Thu, 25 Oct 2001 22:36:06 -0700


If you are using the Windows version of Nmap, and you have win2k or
winxp, you are probably experiencing slow scans in some cases.
Here's a quick patch that hopefully fixes it :)

In tcpip.c, replace:

int flt_icmptcp_2port(const char *packet, int len)
{
  struct ip* ip = (struct ip*)packet;
  if(ip->ip_dst.s_addr != flt_dsthost) return 0;
  if(ip->ip_p == IPPROTO_ICMP) return 1;
  if(ip->ip_src.s_addr != flt_srchost) return 0;
  if(ip->ip_p == IPPROTO_TCP)
    {
      struct tcphdr* tcp = (struct tcphdr *) (((char *) ip) + 4 * ip->ip_hl);
      if(len < 4 * ip->ip_hl + 4) return 0;
      if(tcp->th_dport == flt_baseport || tcp->th_dport == flt_baseport + 1)
        return 1;
    }

  return 0;
}

with:

int flt_icmptcp_2port(const char *packet, int len)
{
  unsigned short dport;
  struct ip* ip = (struct ip*)packet;
  if(ip->ip_dst.s_addr != flt_dsthost) return 0;
  if(ip->ip_p == IPPROTO_ICMP) return 1;
  if(ip->ip_src.s_addr != flt_srchost) return 0;
  if(ip->ip_p == IPPROTO_TCP)
    {
      struct tcphdr* tcp = (struct tcphdr *) (((char *) ip) + 4 * ip->ip_hl);
      if(len < 4 * ip->ip_hl + 4) return 0;
      /* th_dport is in network byte order; convert before comparing */
      dport = ntohs(tcp->th_dport);
      if(dport == flt_baseport || dport == flt_baseport + 1)
        return 1;
    }

  return 0;
}

Also, in the spirit of killing possible old bugs, please tell me if
you are having particularly good or bad experiences with
fingerprinting on windows. Send in the output with --win_trace -d.

Thanks,
Andy


Received on Oct 26 2001
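
The byte-order mismatch that the replacement code above corrects, reproduced as an added example (not code from Nmap or from the original message). The names port_match, make_packet and base_port, the constructed 24-byte packet and the extra header-length checks are assumptions of this example; base_port stands in for flt_baseport and is assumed to be held in host byte order.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PROTO_TCP 6
/* Hypothetical stand-in for flt_baseport, kept in host byte order. */
static const uint16_t base_port = 40000;

/* Constructed sample: 20-byte IPv4 header followed by the TCP ports. */
static int make_packet(unsigned char *buf, uint16_t sport, uint16_t dport)
{
    uint16_t s = htons(sport), d = htons(dport);
    memset(buf, 0, 24);
    buf[0] = 0x45;            /* version 4, header length 5 words */
    buf[9] = PROTO_TCP;
    memcpy(buf + 20, &s, 2);  /* ports travel in network byte order */
    memcpy(buf + 22, &d, 2);
    return 24;
}

/* patched == 0: compare the raw wire value (pre-patch behaviour).
 * patched != 0: convert with ntohs() first (post-patch behaviour). */
static int port_match(const unsigned char *pkt, int len, int patched)
{
    int hl;
    uint16_t dport;
    if (len < 20) return 0;                 /* no complete IPv4 header */
    hl = 4 * (pkt[0] & 0x0f);
    if (hl < 20 || len < hl + 4) return 0;  /* TCP ports not captured */
    if (pkt[9] != PROTO_TCP) return 0;
    memcpy(&dport, pkt + hl + 2, 2);        /* avoids unaligned access */
    if (patched) dport = ntohs(dport);
    return dport == base_port || dport == base_port + 1;
}

int main(void)
{
    unsigned char pkt[24];
    int len = make_packet(pkt, 80, 40001);  /* reply to base_port + 1 */
    printf("unpatched=%d patched=%d\n",
           port_match(pkt, len, 0), port_match(pkt, len, 1));
    return 0;
}
```

On a little-endian host the unpatched comparison rejects the reply to port 40001, because the wire value reads as 16796 there; on a big-endian host both comparisons agree.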
