I've modified the code of nmap_wrapper.c to do some debugging and I've found that the problem comes from the nmap pipe.
The problem arises from the fgets() call in read_nmap_output(): sometimes it fails, returning errno = EINTR (Interrupted system call) during the first fgets() call of the scan. This gives 0 open ports, but does not report any error. I've modified the code so that:
1) read_nmap_output(): if the fgets() fails, it sets num_ports=-1, signaling the error to the calling function (plugin_run() here)
2) plugin_run() function: if any error occurred after the read_nmap_output() (num_port < 0), the function will retry running nmap a fixed number of times, jumping back to the again: label.
This gives me a kind of fault tolerance. However, I don't understand why nmap behaves in such a strange way ....
If this could help, I can share my work with the Nessus community.
Bye.
Paolo Poletti
George A. Theall wrote:
On Mon, Feb 03, 2003 at 01:42:25PM +0100, Paolo Poletti wrote:

I see that the scan results on the same machine, in the same network/systems conditions, are different. The first difference is the open ports detected by nmap.
I've tried to do the same port scan using only nmap and the problem does not appear.
Maybe it is the nmap wrapper that is failing?

On the machine where it's failing:

 o Is nmap even installed?
 o Does your scan make use of the nmap_wrapper plugin?
 o Does the nmap_wrapper plugin run? Successfully? Check the nessus logs.
 o Is nmap available in the same PATH used when starting the Nessus daemon? If not, the daemon will not attempt to run the nmap_wrapper plugin.
 o What are the permissions on nmap and as what uid does the Nessus daemon run?

George
