Home page logo

Nmap Announce mailing list archives

Re: nmap for Wintendo (NT/Win2K)
From: "Stou Sandalski" <tangui () cell2000 net>
Date: Tue, 22 Feb 2000 01:52:14 -0800

----- Original Message -----
From: "Ken Williams" <Ken.Williams () ey com>
To: <nmap-hackers () insecure org>
Sent: Monday, 21 February, 2000 16:57
Subject: nmap for Wintendo (NT/Win2K)

Any related comments or suggestions (and of course creative, humorous
are welcome, such as why Windows' TCP/IP stack is brain dead, or why the
concept of this project is itself blasphemous, or even why the "Nmap for
project would be detrimental to "our war against The Evil Empire".

Hey you know I was actualy thinking about that the other day, I heven't
looked at the code of nmap yet, but since w2k supports straight up raw
sockets that you can modify anything you want (ie roll your own tcp, ip,
whatever else you please..), I haven't tested it out yet but thats what the
platform sdk says, NT and 9x with winsock 2.2 support some ms crap they call
raw sockets which lets you modify IGMP, and ICMP  packets but to modify
anything else you need to set an option called IP_HDRINCL (I can't say that
I have actualy writen any code for anything other then a wintel platform...
so I don't know if this option is a win32 thing or is something coming from
the berkeley sockets you never know with microsoft) which of course is not
supported by anything other then w2k. I was going to suggest porting nmap to
windoze, but I was afraid of the flame war that could have caused.

Other then raw sockets I wonder how else one can do this (ie send your own
"fake" packets), I mean how else are you going to do a syn scan? I know its
possible to do it in NT, because Network assoc.'s Cybercop Sting, uses an NT
box to simulate a few machines (I think soemthing like 3 - 5 max) running
different operating systems on your network to make h4x0r 1337 d00ds think
they hit the jackpot where in fact they are getting loged and so on so
forth. its supposed to be able to fool fingerprinting, I have not been able
to make it work it seems pretty unfinished and as far as my insider buddy at
NAI said it was dead.  No matter though its obviously possible to modify the
packets somehow, any clues?

I think it would be neato to port nmap to windoze, I mean I haven't seen
anything as cool and powerful for windows (Yeah I know about Cybercop
scaner, and IIS's scanner thing but I mean freee with source code avaiable),
and I would be down to help out with the porting if anyone else wants to do


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]