LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-23-2007, 09:50 PM   #1
illiadum
Member
 
Registered: May 2006
Location: Arizona...where its unreasonably hot.
Distribution: Slackware
Posts: 34

Rep: Reputation: 15
Nemesis - Legit Use


Hello All,
I am assisting a professor at my university to setup a few machines for a security course he teaches. There are pre-written scripts he has taken from another course that use nemesis to scan an external machine on a 128. network from a machine behind a firewall in a 10. network. Whenever we run the scan script using packet injection, everything seems fine (i.e. The target machine is capturing the sent packets) however nemesis spits this out many times:

ERROR: Incomplete packet injection. Only wrote -1 bytes.

Now, even if I append ">/dev/null" to the command line, or "1>/dev/null 2>/dev/null", nemesis still gives the error message. The professor is OK with just getting rid of the error message, since he does see everything recieved anyway on the target machine. I found the source for the "buildarp" method in nemesis that actually throws the error message.

Oh yes, and here is the actual command line the script is using to execute nemesis:

nemesis-tcp -I 444 -T 99 -a 111 -s 222 -w 333 -fS -FD -x 0 -y 11 -D 128.226.1.50 -S 192.168.50.32 1>/dev/null 2>/dev/null

My question is, why is nemesis writing this error? And... How can I get it to execute without spitting the error out, short of modifying the source?

Thank you very much in advance.
 
Old 08-24-2007, 05:29 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
I'm doing fine with the latest version of Nemesis and the suggested Libnet version. Maybe recompile? Nemesis is kinda stale though (2003). Could retry with something more recent and a more recent Libnet?
 
Old 08-25-2007, 06:45 PM   #3
illiadum
Member
 
Registered: May 2006
Location: Arizona...where its unreasonably hot.
Distribution: Slackware
Posts: 34

Original Poster
Rep: Reputation: 15
Yeah, I think what I'm going to end up doing is just recompiling anyway. We've got to stick with nemesis though, cause the professor really seems to like it and has grown familiar with it through this project.

Only problem I have now is how to get the nemesis source onto the VMWare machine that I am running linux from. Gotta figure out either how to get VMWare to allow the NAT to pass through to the actual system hardware, or get a floppy/CD/USB Key through. But that's another issue.

Thanks very much for the reply!
Cheers!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Please help me in installing NEMESIS ON UBUNTU krisvamc Ubuntu 9 04-20-2007 06:47 PM
LXer: Open source Microsoft's nemesis LXer Syndicated Linux News 0 06-19-2006 09:54 PM
Anyone know if this is legit? cb9fl Linux - Laptop and Netbook 6 12-15-2003 04:33 PM
nemesis libraries problem shellcode Linux - Software 1 09-25-2003 01:43 AM
Attention All Geeks: Star Trek Nemesis Rocks! MasterC General 34 01-12-2003 08:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration