[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nmap-dev
Subject:    Re: -P0 still attempts ARP scan
From:       William MacKay <foobaz () gmail ! com>
Date:       2005-09-14 2:21:53
Message-ID: F929770F-6D96-4FC5-9E54-31958B4761CD () gmail ! com
[Download RAW message or body]

On Sep 13, 2005, at 9:27 PM, Fyodor wrote:

> On Tue, Sep 13, 2005 at 12:41:38PM -0400, William MacKay wrote:
>
>> On Sep 13, 2005, at 12:24 PM, Arturo 'Buanzo' Busleiman wrote:
>>
>> This is bad, because --spoof_mac seems to screw up the ARP ping scan,
>> so it refuses to scan even with -P0.
>
> Maybe your network is MAC locked or otherwise doesn't allow the
> spoofed MAC addresses (or just takes a while to recognize them).

Oh, you're right. This is a WiFi network restricted to certain MAC  
addresses. I guess i thought that once i was connected to the  
network, i could spoof my MAC with impunity. Apparently not.

I used Mac OS X for these tests. I also run Nmap on OpenBSD. It works  
great on both.

--send_ip sounds useful, thanks.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
[prev in list] [next in list] [prev in thread] [next in thread]