06-20-2014
Actually, nmap listens to ICMP during UDP scans primarily for ICMP unreachable messages. In theory, if you reach the system with a UDP packet, but the port the packet is addressed to is not listening, the system should discard the UDP packet and send an ICMP unreachable to the sender. The app can't see these messages, but an alert system administrator will notice them (remember we're talking theory here).
This User Gave Thanks to Perderabo For This Post:
10 More Discussions You Might Find Interesting
1. Cybersecurity
I am pretty new at running nmap ,and i have some doubt about some o/ps the nmap shows
I tried to scan my own system for UDP open ports
I see that if i use one UDP port say 13
It shows that its in open state , etc
But if i scan for the whole UDP ports in the nmap-services . I gives te... (2 Replies)
Discussion started by: DPAI
2 Replies
2. UNIX for Dummies Questions & Answers
Hi,
Whenever I tried to run nmap on my linux (red hat 6.2) boxes i got these outputs:
4444/tcp filtered krb524
6666/tcp filtered irc-serv
6699/tcp filtered napster
8888/tcp filtered sun-answerbook
Can anybody please... (10 Replies)
Discussion started by: necro
10 Replies
3. Shell Programming and Scripting
Hi everyone!
I've temporarily come out of hibernation (and will be gone for about two weeks after this post too) to ask for input on a small PHP script I have just completed.
The script aims to be a remote front-end for Nmap - now for the safety of this post, I ask that any replies refrain from... (6 Replies)
Discussion started by: Karma
6 Replies
4. AIX
I'm trying to compile nmap 4.11 on an aix 5.2 machine and get the following error when attempting the 'make' command;
make
"Makefile", line 1: make: 1254-055 Dependency line needs colon or double colon operator.
"Makefile", line 14: make: 1254-055 Dependency line needs colon or double colon... (2 Replies)
Discussion started by: zuessh
2 Replies
5. Red Hat
Hi,
Is it possible to change the nmap port name: For eg:
21/tcp open ftp
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
836/tcp open unknown
843/tcp open unknown
953/tcp open rndc
I need to change the port number 836 unknown to the name of the... (4 Replies)
Discussion started by: gsiva
4 Replies
6. Shell Programming and Scripting
So...
I'm trying to script and FTP Backup of some files from openVMS Alpha machine to a Unixware 7 machine.
I decided to use .netrc to do all the FTP actions however when I send the
nmap command. It pretty much gets ignored while even other things such "ascii", "case" etc.. get respected... (0 Replies)
Discussion started by: thesubmitter
0 Replies
7. Solaris
I 'm getting following error when i run nmap for an ip .. what could be the reason for it ?
#nmap 10.22.67.18
Starting Nmap 4.68 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2009-07-06 19:07 UTC
Warning: Unable to open interface e1000g3301000 -- skipping it.... (2 Replies)
Discussion started by: fugitive
2 Replies
8. Linux
Hi ,
I am exploring the nmap utility for Linux.
I know that, nmap binaries are specific to the platforms e.g. nmap binaries will be diferent for Windows , AIX , Solaris and Linux platforms.
Can anyone tell me , will the nmap binaries be different for different flavours of Linux such as... (1 Reply)
Discussion started by: jatin56
1 Replies
9. Solaris
Hi All
After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies
10. Cybersecurity
I'm seeing a persistent address showing up on my firewall router logs. The address is 10.98.115.9:67, and is broadcasting to 255.255.255.255. I know that this would typically signal a BOOTP service, such as a bootp server announcing itself on the network. But I can't isolate which machine it... (3 Replies)
Discussion started by: renoir611
3 Replies
LEARN ABOUT DEBIAN
netpacket::icmp
NetPacket::ICMP(3pm) User Contributed Perl Documentation NetPacket::ICMP(3pm)
NAME
NetPacket::ICMP - Assemble and disassemble ICMP (Internet Control Message Protocol) packets.
VERSION
version 1.3.0
SYNOPSIS
use NetPacket::ICMP;
$icmp_obj = NetPacket::ICMP->decode($raw_pkt);
$icmp_pkt = NetPacket::ICMP->encode();
$icmp_data = NetPacket::ICMP::strip($raw_pkt);
DESCRIPTION
"NetPacket::ICMP" provides a set of routines for assembling and disassembling packets using ICMP (Internet Control Message Protocol).
Methods
"NetPacket::ICMP->decode([RAW PACKET])"
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input.
It is the responsibility of the programmer to ensure valid packet data is passed to this method.
"NetPacket::ICMP->encode()"
Return an ICMP packet encoded with the instance data specified.
Functions
"NetPacket::ICMP::strip([RAW PACKET])"
Return the encapsulated data (or payload) contained in the ICMP packet.
Instance data
The instance data for the "NetPacket::ICMP" object consists of the following fields.
type
The ICMP message type of this packet.
code
The ICMP message code of this packet.
cksum
The checksum for this packet.
data
The encapsulated data (payload) for this packet.
Exports
default
none
exportable
ICMP message types:
ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH
ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT
ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB
ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ ICMP_IREQREPLY
ICMP_MASKREQ ICMP_MASKREPLY
tags
The following tags group together related exportable items.
":types"
ICMP_ECHOREPLY ICMP_UNREACH ICMP_SOURCEQUENCH
ICMP_REDIRECT ICMP_ECHO ICMP_ROUTERADVERT
ICMP_ROUTERSOLICIT ICMP_TIMXCEED ICMP_PARAMPROB
ICMP_TSTAMP ICMP_TSTAMPREPLY ICMP_IREQ
ICMP_IREQREPLY ICMP_MASKREQ ICMP_MASKREPLY
":strip"
Import the strip function "icmp_strip".
":ALL"
All the above exportable items.
EXAMPLE
The following example prints the ICMP type, code, and checksum fields.
#!/usr/bin/perl -w
use strict;
use Net::PcapUtils;
use NetPacket::Ethernet qw(:strip);
use NetPacket::IP qw(:strip);
use NetPacket::ICMP;
sub process_pkt {
my ($user, $hdr, $pkt) = @_;
my $ip_obj = NetPacket::IP->decode(eth_strip($pkt));
my $icmp_obj = NetPacket::ICMP->decode(ip_strip($ip_obj));
print("Type: $icmp_obj->{type}
");
print("Code: $icmp_obj->{code}
");
print("Checksum: $icmp_obj->{cksum}
");
}
Net::PcapUtils::loop(&process_pkt, FILTER => 'icmp');
TODO
Create constants
COPYRIGHT
Copyright (c) 2001 Tim Potter and Stephanie Wehner.
Copyright (c) 1995,1996,1997,1998,1999 ANU and CSIRO on behalf of the participants in the CRC for Advanced Computational Systems ('ACSys').
This module is free software. You can redistribute it and/or modify it under the terms of the Artistic License 2.0.
This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of
merchantability or fitness for a particular purpose.
AUTHOR
Tim Potter <tpot@samba.org>
Stephanie Wehner <atrak@itsx.com>
perl v5.14.2 2011-11-20 NetPacket::ICMP(3pm)