Error after starting command > nmap
dnet: Failed to open device eth0 after installing NMAP.
QUITTING!
In my case, the error was caused by nmap being installed through Snap.
In order to get nmap to work, I had to tell snap to connect it to the network-control:
sudo snap connect nmap:network-control
After that everything worked fine.
TLDR: Use the --unprivileged nmap option.
I just suffered the same problem when tried to scan/test hosts thru a Wireguard 0.3.14 tunnel in Windows 8.1 and Windows 7 using the last available versions, nmap 7.91, npcap 1.31. Tried several solutions/combinations, running as admin, reinstalling, etc., except downgrading to Winpcap 4.1.3 (the last available) with the same result:
C:\Windows\system32>nmap -n -P0 -p 22 192.168.20.1
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-06-08 13:28 Hora de verano central (México)
dnet: Failed to open device eth0
QUITTING!
It's strange that the interface listing of nmap --iflist does not show a device name associated with eth0 (also doesn't show a MAC address, maybe it's Wireguard interface driver install/hooks at fault here). Relevant lines:
C:\Windows\system32>nmap --iflist
Starting Nmap 7.91 ( https://nmap.org ) at 2021-06-08 13:32 Hora de verano central (México)
************************INTERFACES************************
DEV (SHORT) IP/MASK TYPE UP MTU MAC
eth0 (eth0) 10.10.252.92/32 ethernet up 65535 00:00:00:00:00:00
:
DEV WINDEVICE
eth0 <none>
Relevant route print:
C:\Windows\system32>route print
===========================================================================
Interface list
8...........................Wintun Userspace Tunnel #77
:
IPv4 Route table
===========================================================================
Active routes:
Network Destination Net mask Gateway Interface Metric
192.168.20.0 255.255.255.0 On-link 10.10.252.92 5
192.168.20.255 255.255.255.255 On-link 10.10.252.92 261
Solved it using the --unprivileged option:
C:\Windows\system32>nmap --unprivileged -n -P0 -p 22 192.168.20.1
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-06-08 13:22 Hora de verano central (MÚxico)
Nmap scan report for 192.168.20.1
Host is up (0.20s latency).
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds
After installing nmap-7.80-setup.exe, install please install npcap-0.9986.exe which is fully compatible with latest Windows 10 releases.
You can try this: nmap (IP) -P (puerto) --interface (ethX)
or install npcap from oficially page https://nmap.org/npcap/#download
Not always too late..
I've seen this "reinstall or install npcapxversion all around the web but my solution was simple and logic based.
Just enable NPCAP protocols ONLY in the network adapter you want to use, disable on the others.
The logic on reinstalling may be the order in wich npcap disable and reenable network interfaces giving top priority (disabling and re-enabling at last) to the actual one you are using. But if you don't wanna mess with interface priorities.. do as I said and just enable NpCap only in the adapter you need nmap to.
If you are using Nessus also in the same machine, you are not able to use nmap. NPCAP will be used by Nessus and same is required for NMAP as well.
Related
I know there are a lot of posts on the internet about this subject, but I have been debugging this over two days now and I don't seem to get any further.
The setup
I have a (pretty old) Vagrant box on my work laptop that's been setup mostly by a former collegae. Everything seems to be still working for me and my collegaes so we don't have had any reason to setup a completely new one.
The Vagrant box contains a Centos installation on which we develop websites.
The host machine is Windows 10.
The problem
When in the office, connected to the physical network (by cable), I can use XDebug without any problems. I enable XDebug from my Firefox browser plugin and XDebug on Centos then connects to PHPStorm on Windows, so I can step through code.
However, when at home, on WIFI (I don't have a cable) XDebug just won't work.
The XDebug log on the Vagrant machine currently states the following:
I: Checking remote connect back address.
I: Checking header 'HTTP_X_FORWARDED_FOR'.
I: Checking header 'REMOTE_ADDR'.
I: Remote address found, connecting to 10.10.10.1:9000.
E: Time-out connecting to client. :-(
Research
In many posts I read that the Vagrant host address should be something like 10.0.2.2. As far as my information goes in our case it has always been 10.10.10.1.
I also read that from the Vagrant box you should check the host IP by using netstat. The host IP would be the default Gateway.
At home (while on WIFI) I tested this and the output was:
netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.220.2 0.0.0.0 UG 0 0 0 ens32
10.10.10.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 ens33
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 ens34
192.168.56.0 0.0.0.0 255.255.255.0 U 0 0 0 ens34
192.168.220.0 0.0.0.0 255.255.255.0 U 0 0 0 ens32
Here the default Gateway is "192.168.220.2". So I tried to set that IP for xdebug, by manually setting XDebug's remote_host to 192.168.220.2 and disabling remote_connect_back
Now the log says:
I: Connecting to configured address/port: 192.168.220.2:9000.
W: Creating socket for '192.168.220.2:9000', poll success, but error: Operation now in progress (29).
E: Could not connect to client. :-(
Log closed at 2020-01-26 08:19:34
From other posts I understood that this is in fact worse and the IP-address is just wrong, because it should be an internal IP-adress like 10.10.10.1
Edit 1: I tested this today while in the office, connected to the physical network. XDebug works as expected, but the output of netstat is the same for the Gateway, so this probably has nothing to do with it:
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.220.2 0.0.0.0 UG 0 0 0 ens32
10.10.10.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 ens33
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 ens34
172.24.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ens34
192.168.220.0 0.0.0.0 255.255.255.0 U 0 0 0 ens32
Edit 2: While in the office, I now also tested XDebug while on WIFI (by disconnecting the physical network cable) and then XDebug no longer works. So the problem does not seem to be specific to my home network, but rather to being on physical network VS WIFI.
PHPStorm says I'm fine
PHPStorm has this xdebug validate screen in the settings. Trying that passes everything with green checks. Appearently that validation doesn't validate enough?
Interesting to note
Simultaneously I was also trying to mount a Samba share from Windows into my Vagrant box. I wanted to experiment with that setup, but just like XDebug the mount command is unable to reach the host machine.
Edit: I tested this today while in the office on the physical network and this then doesn't work either. So we can probably forget about this for now as this seems to be a completely different issue.
Edit 27-01: I thought I fixed the problem, but this only worked when on WIFI at the office. At home, it still doesn't work.
The fix in the office was fiddling with IP routes in the Centos server.
Edit 29-01:
I still don't have this working, but after several tests I think I can state that the VM can reach the host:
- ping 10.10.10.1 works
- nmap -p 9000 10.10.10.1 seems to tell me that it can reach the port
Besides that today I found out that when PHPStorm is not listening on port 9000, the XDebug log file says:
"Creating socket for '192.168.220.2:9000', poll success, but error: Operation now in progress (29)."
But when PHPStorm is listening for a connection the XDebug log says:
"Remote address found, connecting to 10.10.10.1:9000"
The fact that the errormessage on the VM's side changes when the state of the host changes, makes me believe that the connection is coming through.
That would mean that - for some reason - PHPStorm simply is unable to handle the incoming connection. The only reason for that I could think of is that PHPStorm may not be able to talk back to the VM?? Does that sound plausible? And if so, how to further investigate this?
The following phrase seems to indicate that a connection is made.
W: Creating socket for '192.168.220.2:9000', poll success, but error: Operation now in progress (29).
Are you sure that it is PhpStorm that is listening on port 9000 locally? And that your Vagrant box can talk to it?
Let's find out the first one: In a shell on your host (which runs Windows in both cases, I presume), run:
C:\> netstat -a -b
And make sure that it is the PhpStorm process that is listening on port 9000.
If it is something else, change the port in the PhpStorm config to something else (say 9003), and make that same port the value for the xdebug.remote_port setting in php.ini. The turn off "listening for debugging connections" in PhpStorm, and turn it back on again.
Secondly, test whether the Vagrant box can talk to that port
I had a similar issue and for me it was an issue with the host machine network profile. It was not discoverable in the private network on allowing it for discover in the private network it did worked.
Below is the configuration in my Windows host machine after which it did worked.
Network Profile Configuration
I am running a windows docker container on a Windows Server 2016 host, running default configuration.
When running the docker container using the command:
docker run -it microsoft/windowsservercore powershell
When I run the command:
ping <hostIPAddress>
It just says that the request times out.
I have checked that I can ping 8.8.8.8 and google.com etc... and even other machines on the same subnet. The only one I cannot ping is the host.
I have added '--dns ' to the 'docker run' command but this only allows me to ping the host machine via hostname and not IP.
Has anyone else seen this problem and have a solution?
I found a workaround (I'm not willing to call it a solution):
Windows Container Network Drivers: create a 'transparent' network:
docker network create -d transparent trans
Attach container to this network
docker run --network=trans ...
Important: Please note, that with this network, your container needs to obtain an IP Adress from the Host Subnet and it is directly exposed to it.
maybe related (this is about access the containers from the host):
According to https://github.com/Microsoft/Virtualization-Documentation/issues/253#issuecomment-217975932 (JMesser81):
This is a known limitation in our Windows NAT implementation (WinNAT) that you cannot access the external port in a static port mapping directly from the container (NAT) host.
Hoping this might help somebody.
On Windows 10 when hosting a Linux container on 0.0.0.0:5057 I was able to ping my server from my Windows host (powershell) using the IP address of the vEthernet (Default Switch) NIC found in Control Panel>All Control Panel Items>Network Connections:
In my case I have a corporate managed McAfee firewall running on my Windows host. I could not add any additional rules on the firewall, but fortunately there was a rule that allowed access from 172.16.0.0/24.
I used "docker network create -d transparent trans" and it worked as described, but I was not happy with an IP from my host network assigned to the container.
I did the following:
docker network create --driver=nat --subnet=172.16.0.0/24 br0
Added --network=br0 to my docker run command
I am facing the same issue.
My workaround is to restart docker service, afterwards it works fine. I'm still looking for a permanent solution.
root#a6c40eb25cbf:/# ping xxx.xx.xx.xxx
PING xxx.xx.xx.xxx (xxx.xx.xx.xxx): 56 data bytes
64 bytes from xxx.xx.xx.xxx: icmp_seq=0 ttl=37 time=3.541 ms
64 bytes from xxx.xx.xx.xxx: icmp_seq=1 ttl=37 time=2.643 ms
64 bytes from xxx.xx.xx.xxx: icmp_seq=2 ttl=37 time=1.857 ms
^C--- xxx.xx.xx.xxx ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
This works for me, I hope it works for you.
Currently, you must have WSL or WSL2 installed and have Virtualization enabled to run Docker on Windows.
The installation of WSL from PowerShell is with the following command.
wsl --install -d Ubuntu
Obviously you need to download and install Docker Desktop on Windows. It will be necessary to enable the WSL integration from the Docker desktop settings after installing it.
After configuring WSL and Docker Desktop, you can create/use your containers. Example:
docker run --name some-postgres -e POSTGRES_PASSWORD=mysecretpassword -d postgres
Finally you must identify the IP of WSL, you must open the Linux distribution that you installed in the first step, in our case Ubuntu, this will open your terminal and here we will execute:
ifconfig
and you will identify the ip of eth0. Example: 172.27.123.123
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.27.123.123 netmask 255.255.240.0 broadcast 172.27.127.255
inet6 fe80::215:5dff:fecf:b4 prefixlen 64 scopeid 0x20<link>
ether 00:15:5d:cf:00:b4 txqueuelen 1000 (Ethernet)
RX packets 4389 bytes 299784 (299.7 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4343 bytes 315643 (315.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Now you can ping from CMD in Windows to this IP.
NOTE: the connection will depend on the port of your container, example: 172.27.123.123:8080.
Running macOS and docker ubuntu on it, I am unable to ping my local network's IP addresses. Below is the network configuration of my docker container. I can ping my host machine's IP address but I am unable to access other IP addresses on the local network.
root# ping 172.17.101.192
PING 172.17.101.192 (172.17.101.192) 56(84) bytes of data.
From 172.17.0.3 icmp_seq=1 Destination Host Unreachable
From 172.17.0.3 icmp_seq=2 Destination Host Unreachable
root# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:03
inet addr:172.17.0.3 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:3/64 Scope:Link
Is there any network configuration which would help me to perform this operation?
I have tried net=host but it is not helping it.
I was using docker for mac, the issue was docker internal network conflicting with my local network addressing.
To resolve the this issue, i need to go to Preferences in the dokcer menu.
In Preferences menu Daemon>Advanced Menu, i can supply other bip.
{
"bip" : "12.12.0.1/24"
}
Click apply and restart. The next time docker will start with internal network as 12.12.0.1/24.
I think docker internal network could be conflicting with your local network addressing.
Try to run Docker changing the default internal network to something that doesn't conflict, as 172.31.0.0/24. Add to your Docker startup options --bip 172.31.0.1/24, probably located in /etc/default/docker:
# Use DOCKER_OPTS to modify the daemon startup options.
DOCKER_OPTS="--bip 172.31.0.1/24"
UPDATE: Although this is true in Linux, Mac implementation is different, see docs here, so it depends if you're using Docker for Mac or for Linux.
Just to test, try to attach your laptop to a different network, any in the range of 192.168.0.0/16 would suffice.
I'm guessing you're using docker-machine.
You should check out docker for mac as it has some networking improvements that may make this work for you. This is what I'm using and I'm able to reach other hosts on my internal network from docker.
I tried the following, and it works:
mac-os $> ifconfig
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 78:31:c1:bd:4b:84
inet6 fe80::1425:a90d:9c00:ef53%en0 prefixlen 64 secured scopeid 0x4
inet 10.191.41.1 netmask 0xfffff800 broadcast 10.191.47.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
So my ip is 10.191.41.1. Then I do:
mac-os $> docker run -ti --rm ubuntu bash -c "apt-get update && apt-get install -y inetutils-ping && ping 10.191.41.1"
Which installs the "ping" command, and tries to ping my host. I get the right answers:
[...]
PING 10.191.41.1 (10.191.41.1): 56 data bytes
64 bytes from 10.191.41.1: icmp_seq=0 ttl=37 time=0.303 ms
64 bytes from 10.191.41.1: icmp_seq=1 ttl=37 time=0.536 ms
[...]
I wanted to throw this answer out as it happened to me on Windows, but could really on any environment. I was using a bridge network on my local machine for a service I was developing and ran into similar issues, what was weird was that pinging our production physical servers (which started with a 10.10... IP pattern) or the random sites on the internet I was able to receive a response. But the physical dev server which sat on a 172.16... pattern didn't work.
Finally I discovered through doing docker network inspect on the networks I had locally that one had created with the same subnet of 172.16... which overlapped my physical server IP address range. So when I was pinging the physical dev server, it was trying to find it on the virtual docker network, where it didn't exist.
After deleting that network (it was a dev one I didn't use), everything worked.
docker network rm {networkName}
If I had to keep the network, it is possible to change the subnet in the docker-compose file. If you need to change the conflicting subnet, the link to that is here How do configure docker compose to use a given subnet if a variable is set, or choose for itself if it isn't?
That would look something like this (if you wanted a 12.12 subnet):
networks:
default:
ipam:
config:
- subnet: 12.12.0.0/16
before the update to Yosemite (on Mavericks) i was able to access my locally hosted sites via apache even when the wifi was completely turned off. i set up my AMP stack according to this tutorial: http://wizardmode.com/2012/06/apache-php-mysql-dev-on-os-x-lion-with-a-minimum-of-pain/
FROM THE TUTORIAL
One more thing. OS X will refuse to do DNS lookups if you’re not connected to a network (under some circumstances). There’s a simple way around that, in two steps:
First, install VirtualBox. Create a new virtual machine, and give it a Host-only network adapter. (You can use the FreeDos image, if you don’t actually need a virtual machine for anything. It’s small.) Start the virtual machine at least once.
You can do this from the commandline with this snippet (after VirtualBox is installed):
(ifconfig | grep -s vboxnet) || VBoxManage hostonlyif create ipconfig vboxnet0 --ip 192.168.56.1 --netmask 255.255.255.0
This prevents OS X from disabling normal DNS resolution when you’re not connected to a network.
Second, create a ‘dev’ domain resolver entry:
sudo mkdir -p /etc/resolver
sudo tee /etc/resolver/dev <<EOT
nameserver 127.0.0.1
domain dev
search_order 1
EOT
This tells OS X that it can always ask localhost (your dnsmasq server) for domain resolution for .dev domains when it doesn’t have other DNS servers.
Now if you type ifconfig in a terminal, one of the lines should start with vboxnet0: – if it does, great! OS X will happily do DNS lookups even if you’re on an airplane, so you can keep using your .dev domains wherever you are.
END TUTORIAL SECTION
after the update i went through hell to get all my local sites running and now they only work if i have an internet connection
I am running dnsmasq according to the tutorial and I did the whole VirtualBox trick. here is the relevant output of ifconfig:
vboxnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:00
inet 192.168.56.1 netmask 0xffffff00 broadcast 192.168.56.255
vboxnet1: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:01
I'm not really sure what's going wrong. Here is a screenshot of my wifi network settings:
you can see the opendns servers and then localhost for dns resolution purposes.
furthermore, here is scutil --dns output:
DNS configuration
resolver #1
nameserver[0] : 208.67.222.222
nameserver[1] : 208.67.220.220
nameserver[2] : 127.0.0.1
flags : Request A records, Request AAAA records
reach : Reachable
resolver #2
domain : dev
nameserver[0] : 127.0.0.1
flags : Request A records, Request AAAA records
reach : Reachable,Local Address
order : 1
DNS configuration (for scoped queries)
resolver #1
nameserver[0] : 208.67.222.222
nameserver[1] : 208.67.220.220
nameserver[2] : 127.0.0.1
if_index : 4 (en0)
flags : Scoped, Request A records, Request AAAA records
reach : Reachable
I'm really at a loss here for what's happening and going wrong. I've tried debugging some of the shell scripts from the tutorial to see if they are causing problems but I can't figure it out. This should be simple as pie IMO. Why is this such a nightmare?
Any help would be greatly, greatly appreciated as I'm wasting valuable time that could be used for building useful things on this mess. THANK YOU!!!!
As of 10.10 and discoveryd no DNS resolution can take place when you are disconnected from all networks.
you can confirm this by running scutil --dns once when connected, and again when disconnected.
Here is a video that shows the difference in behavior between 10.9 and 10.10 https://www.youtube.com/watch?v=3m9OI_AjCx8
I've tried to escalate this with Apple, the response was that it's expected behavior.
The only workaround I know of is to re-add mDNSResponder as per http://arstechnica.com/apple/2015/01/why-dns-in-os-x-10-10-is-broken-and-what-you-can-do-to-fix-it/
I have two Ubuntu 12.04 machines connected with a crossover cable. I manually configured the IP to be 1.1.1.0 and 1.1.1.1. I can do ping, rcp and use git clone no problem between the two machines. I also have Nexus Sonatype configured in 1.1.1.0 and try to have the other machine to pull dependencies from that one but doesn't work I get "can't establish connection" I get the same error trying to access the Nexus Sonatype web server from that machine.
My Nexus Sonatype process looks like this:
azg 4102 4100 1 19:21 ? 00:00:29 java -Djava.net.preferIPv4Stack=true -Dcom.sun.jndi.ldap.connect.pool.protocol=plain ssl -Djava.library.path=bin/jsw/lib -classpath bin/jsw/lib/wrapper-3.2.3.jar:./lib/sisu-jetty8-1.4.2.jar:./lib/logback-classic-1.0.7.jar:./lib/appcontext-3.2.jar:./lib/jetty-security-8.1.8.v20121106.jar:./lib/metrics-jetty-2.2.0.jar:./lib/metrics-logback-2.2.0.jar:./lib/metrics-core-2.2.0.jar:./lib/jetty-util-8.1.8.v20121106.jar:./lib/jetty-deploy-8.1.8.v20121106.jar:./lib/nexus-logging-extras-appender-2.5.1-01.jar:./lib/nexus-bootstrap-2.5.1-01.jar:./lib/jetty-xml-8.1.8.v20121106.jar:./lib/javax.servlet-3.0.0.v201112011016.jar:./lib/jetty-server-8.1.8.v20121106.jar:./lib/jetty-continuation-8.1.8.v20121106.jar:./lib/jetty-servlet-8.1.8.v20121106.jar:./lib/jetty-webapp-8.1.8.v20121106.jar:./lib/jetty-http-8.1.8.v20121106.jar:./lib/jetty-jmx-8.1.8.v20121106.jar:./lib/slf4j-api-1.7.2.jar:./lib/jetty-io-8.1.8.v20121106.jar:./lib/logback-core-1.0.7.jar:./lib/jetty-rewrite-8.1.8.v20121106.jar:./lib/plexus-interpolation-1.15.jar:./conf/ -Dwrapper.key=lOc_daTBExiskDCG -Dwrapper.port=32000 -Dwrapper.jvm.port.min=31000 -Dwrapper.jvm.port.max=31999 -Dwrapper.pid=4100 -Dwrapper.version=3.2.3 -Dwrapper.native_library=wrapper -Dwrapper.service=TRUE -Dwrapper.cpu.timeout=10 -Dwrapper.jvmid=1 org.sonatype.nexus.bootstrap.jsw.JswLauncher ./conf/jetty.xml
Netstat produces the following output:
azg#olympus:~$ sudo netstat -anp | grep ":80.*LISTEN"
tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 4102/java
Can anyone shed light into what's wrong here?
UPDATE: This other question may be related to this issue i.e. using an incorrect ip range. I have to test this tomorrow at work.
For local private network is reserved the range 192.168.x.x.
The adresses: 192.168.0.0 and 192.168.0.255 you should not use.
The Ips 1.1.1.0 and 1.1.1.1 are internet adresses and used in Australia, this is a Class A netwok and can be used for 16.777.214 hosts in 128 networks.
If you set up a home network then use 192.168.0.1 and 192.168.0.2 and so on, try to stay in a Class C network, use for 254 hosts with a mask of 255.255.255.0.
PS. 10.0.0.0 - 10.255.255.255 and 172.16.0.0 - 172.31.255.255 are also private netwoks and not used in the internet
I am reading "direct cable between the two boxes" ? I think you need a special cable, the normal network cable working only if you connect the two boxes with each other over a switch or hub.