Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Running NMAP as a non root user - patch
From: Felix Gröbert <fg () bundesamtfuersicherheitinderinformationstechnik de>
Date: Mon, 16 May 2005 22:48:00 +0200

I wonder how a chown root nmap; chmod +s nmap; installation would be a
security risk (given that nmap doesn't have a large vulnerability
records (that am I aware of)). Any comments on this?

I wouldn't want to bet on a system booting if you told nmap
to write its log file to /etc/inittab! ;-)

A setuid nmap executeable is a bad idea. So do not chmod +s it if your 
friend wants to test his firewall rules from your box:

nmap --interactive
Starting nmap V. 3.75 ( http://www.insecure.org/nmap/ )
Welcome to Interactive Mode -- press h <enter> for help
nmap> !id
[...]

A nice backdoor... --interactive isn't in the man page, maybe for a 
reason

    prost, Felix



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]