Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Nmap Development: raw-sockets and Win-XP SP2

raw-sockets and Win-XP SP2

From: Gisle Vanem <giva_at_bgnett.no>
Date: Thu, 24 Jun 2004 18:47:24 +0200

I've heard strong rumours that the upcoming Win-XP SP2 will disable
the use of SOCK_RAW sockets for any user (admin included). This
will certainly hurt the use of nmap on Win-XP unless we go with
libnet for all platforms.

Steve Gibson (of www.grc.com) has been talking about the danger
of raw-sockets for years; "... have ANY practical need for raw
sockets" [*] he claims. Yeah right. Seems MS is now listening to
him. Yet for years they have deprecated the use of the ICMP API for
ping-like programs. And advised us to use SOCK_RAW instead. Back
to using icmp.dll again I guess.

I for one will not install the service-pack unless there's a loop-hole
to enable SOCK_RAW again. Anyone with additional info on this?

[*] http://www.grc.com/dos/sockettome.htm

--gv

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help@insecure.org . List archive: http://seclists.org
Received on Jun 24 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]