[Solved] nmap - connectivity-check.ubuntu.com, reverse DNS with -n

Lorec · 2025-04-21 12:49:38

Here is my tcpdump command:

sudo tcpdump -vi <local_interface> -n > <output_file>

In another terminal window:

nmap -p 19 -n <ip_of_my_local_machine>/<subnet>

In the middle of output_file I get

07:43:26.049983 IP (tos 0x0, ttl 64, id 21172, offset 0, flags [DF], proto UDP (17), length 86)
    <ip_of_my_local_machine>.<port> > <ip_of_local_gateway>.53: 11009+ [1au] AAAA? connectivity-check.ubuntu.com. (58)
07:43:26.050109 IP (tos 0x0, ttl 64, id 28061, offset 0, flags [DF], proto UDP (17), length 86)
    <ip_of_my_local_machine>.<port> > <ip_of_local_gateway>.53: 26007+ [1au] A? connectivity-check.ubuntu.com. (58)
07:43:26.075367 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 422)
    <ip_of_local_gateway>.53 > <ip_of_my_local_machine>.<port>: 11009 12/0/1 connectivity-check.ubuntu.com. AAAA 
<reverse_ipv6_address>, connectivity-check.ubuntu.com. AAAA <reverse_ipv6_address>, connectivity-
check.ubuntu.com. AAAA <reverse_ipv6_address>, connectivity-check.ubuntu.com. AAAA 
<reverse_ipv6_address>, connectivity-check.ubuntu.com. AAAA <reverse_ipv6_address>, connectivity-
check.ubuntu.com. AAAA <reverse_ipv6_address>, connectivity-check.ubuntu.com. AAAA 
<reverse_ipv6_address>, connectivity-check.ubuntu.com. AAAA <reverse_ipv6_address>, connectivity-
check.ubuntu.com. AAAA <reverse_ipv6_address>, connectivity-check.ubuntu.com. AAAA 
<reverse_ipv6_address>, connectivity-check.ubuntu.com. AAAA <reverse_ipv6_address>, connectivity-
check.ubuntu.com. AAAA <reverse_ipv6_address> (394)

Nothing else should be sending packets concurrently with the nmap scan. I have tried this dozens of times, with different subnet ranges, querying foreign well-known IPs, etc., but I cannot seem to make nmap stop triggering these queries involving reverse DNS and connectivity-check.ubuntu.com. My

/etc/NetworkManager/conf.d/20-connectivity.conf

does not exist and my

/usr/lib/NetworkManager/conf.d/20-connectivity.conf

has the connectivity uri set to ping.archlinux.org/nm-check.txt, not connectivity-check.ubuntu.com. I would assume it was an issue with my router, but it also happens when I am on the other side of town and using my mobile hotspot.

How can I disable these?

Last edited by Lorec (2025-04-21 17:56:48)

Lorec · 2025-04-21 17:55:39

I tried waiting a sufficiently long amount of time and the apparent reverse DNS queries happen in the background regardless of me using nmap, whoops

Arch Linux

#1 2025-04-21 12:49:38

[Solved] nmap - connectivity-check.ubuntu.com, reverse DNS with -n

#2 2025-04-21 17:55:39

Re: [Solved] nmap - connectivity-check.ubuntu.com, reverse DNS with -n

Board footer