PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Ignore ICMP Time Exceeded for the purpose of host discovery.

Browse Source 
http://seclists.org/nmap-dev/2015/q2/68
From: David Fifield <david () bamsoftware com>
Date: Wed, 29 Apr 2015 10:13:40 -0700

Previously, a Time Exceeded message meant the host was immediately
marked down, even if there were other probes still in transit. Now it
gets treated the same as no-response.

I found that a concurrent ICMP traceroute was interfering with host
discovery. Nmap was receiving and acting on the Time Exceeded messages
produced by the traceroute process. This caused it to mark a host as
down that actually was up.
This commit is contained in:
dmiller
2017-04-15 03:30:27 +00:00
parent c58aa814f3
commit 9e81835ccb
1 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scan_engine_raw.cc
View File

@@ -721,10 +721,6 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
|| (hdr.proto == IPPROTO_ICMPV6 && ping->type == 3)) { || (hdr.proto == IPPROTO_ICMPV6 && ping->type == 3)) {
if (o.debugging) if (o.debugging)
log_write(LOG_STDOUT, "Got Time Exceeded for %s\n", hss->target->targetipstr()); log_write(LOG_STDOUT, "Got Time Exceeded for %s\n", hss->target->targetipstr());
goodone = 1;
newstate = HOST_DOWN;
/* I don't want anything to do with timing this. */
adjust_timing = false;
} else if (hdr.proto == IPPROTO_ICMP && ping->type == 4) { } else if (hdr.proto == IPPROTO_ICMP && ping->type == 4) {
if (o.debugging) if (o.debugging)
log_write(LOG_STDOUT, "Got ICMP source quench\n"); log_write(LOG_STDOUT, "Got ICMP source quench\n");