Re: [PATCH] --ttl and connect() scans (and traceroute?)

From: Fyodor <fyodor_at_we.hate.spammers>
Date: Sat, 13 Oct 2007 23:35:40 -0700

On Sat, Oct 13, 2007 at 04:35:12PM -0500, Kris Katterjohn wrote:
> Hi everyone!
>
> I have attached a patch to enable --ttl to work with connect() scans (-sT).
> As long as the system supports the setsockopt IP_TTL option, it sets it.
> From googling, it looks like most systems support this (Linux, BSD, OS X,
> Windows).
>
> I've tested it on Linux and verified it with Wireshark.

Looks good to me! Please check it in.

> Hey Eddie, do you think you can use IP_TTL for --traceroute as well?

He would need a way to receive the TTL exceeded messages too. I was
about to say "if that was possible, the traceroute program wouldn't
need to be setuid". But then I noticed that my /bin/traceroute ISN'T
setuid and still seems to work as an unprivileged user. Hmm. An
strace of traceroute shows stuff like:

setsockopt(6, SOL_IP, IP_RECVTTL, [1], 4) = 0
setsockopt(6, SOL_IP, IP_TTL, [2], 4) = 0
setsockopt(6, SOL_IP, IP_RECVERR, [1], 4) = 0

So maybe it is possible. Whether it is worth adding that support to
Nmap depends on how portable it is and how much code is needed.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Sun Oct 14 2007 - 06:35:40 GMT