Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
10-05-2003, 06:34 PM
|
#1
|
|
Member
Registered: Aug 2003
Location: Glasgow Scotland
Posts: 92
Rep: 
|
Strange Nmap behaviour ? ? ?
Hi All,
I am getting this output each time I run Nmap:
Starting nmap 3.45 ( http://www.insecure.org/nmap/ ) at 2003-05-06 00:20 BST
sendto in send_tcp_raw: sendto(3, packet, 40, 0, ***.***.***.***, 16) => Operation not permitted
sendto in send_tcp_raw: sendto(3, packet, 40, 0, ***.***.***.***, 16) => Operation not permitted
sendto in send_tcp_raw: sendto(3, packet, 40, 0, ***.***.**.*** , 16) => Operation not permitted
sendto in send_tcp_raw: sendto(3, packet, 40, 0, ***.***.***.***, 16) => Operation not permitted
sendto in send_tcp_raw: sendto(3, packet, 40, 0, ***.***.***.***, 16) => Operation not permitted
sendto in send_tcp_raw: sendto(3, packet, 40, 0, ***.***.***.***, 16) => Operation not permitted
Anyone any ideas why this happening. Thanks in advance
(( Seems that its my firewall that causes this problem, flushed rules and tried again. No problem ))
Thanx everyone
lub0
Last edited by lub0; 10-06-2003 at 08:27 AM.
|
|
|
|
|
10-05-2003, 06:39 PM
|
#2
|
|
Member
Registered: May 2003
Distribution: Slackware 9.1
Posts: 35
Rep:
|
I was about to post the same thing. Yes I am root.
|
|
|
|
|
10-05-2003, 06:50 PM
|
#3
|
|
Member
Registered: Aug 2003
Location: Glasgow Scotland
Posts: 92
Original Poster
Rep:
|
same here
|
|
|
|
|
10-05-2003, 08:10 PM
|
#4
|
|
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
|
Plenty of information about this on Google.
http://lists.insecure.org/lists/nmap...-Jun/0076.html
I just copied the entire error string:
sendto in send_tcp_raw: sendto(3, packet, 40, 0, ***.***.***.***, 16) => Operation not permitted
And pasted it into a Google search. The above was one of the first links displayed.
Last edited by chort; 10-08-2003 at 06:18 AM.
|
|
|
|
|
10-05-2003, 08:30 PM
|
#5
|
|
Member
Registered: Aug 2003
Location: Glasgow Scotland
Posts: 92
Original Poster
Rep:
|
Thanks chort, there was also info at insecure.org ( Doh! ) Seems that its my firewall that causes this problem, flushed rules and tried again. No problem
Thanx everyone
|
|
|
|
|
10-07-2003, 06:25 AM
|
#6
|
|
Moderator
Registered: May 2001
Posts: 29,417
|
Plenty of information about this on Google.
I'd rather you not do this. Either give a specific link, in-depth info or please move on to a question you're willing to answer properly.
Answering properly will benefit current and future thread readers.
TIA
|
|
|
|
|
10-07-2003, 01:54 PM
|
#7
|
|
Member
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95
Rep:
|
Figured I'd just Ask here, instead of wasting a whole new thread..
Was wondering if anyone knew what outbound and inbound(if any) ports Nmap uses when scanning a remote machine.
I've done some searching of my own, and people who don't know will say, "check out google" or the Nmap homepage, but I've searched well enough before i post here.
Anyways, one opinion I've recieved is that a program like Nmap, simply uses whatever random High numbered port is available, to make sure there are no conflicts with regular services.
If anyone thinks otherwise, please post your comments or the port numbers here.
The idea is to be able to scan remote machines without having to disable my firewall, instead simply open up the ports that need to be open.
Thanks in advance.
|
|
|
|
|
10-07-2003, 08:45 PM
|
#8
|
|
Member
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498
Rep:
|
You really should open up another thread if the your question doesn't really relate to the thread opener's question. But I'm nice(Only on days that don't end in 'y').
NMAP, unless otherwise instructed, will use the next available high range port number that is available. It's the nature of TCP and UDP. NMAP can if I'm not mistaken be told to use a specific source port. The destination port however is dependent on what you told NMAP to do.
Depending on how you firewall is setup you might have to open it a little to allow all outgoing NEW traffic to go through.
--tarballedtux
(Because I said so)
|
|
|
|
All times are GMT -5. The time now is 08:21 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
