|
Nmap Development
mailing list archives
Re: Nmap Online
From: David Matousek <david () matousec com>
Date: Wed, 29 Nov 2006 19:22:14 +0100
Hello,
1) Thanks for --interactive, will be added. It is not a problem even now, because
such Nmap session would be killed after timeouted. But of course, it is better
to add it.
2) You can not execute shell-commands (erm :) you should not be able to).
3) You can scan local network but the machine firewall will show you nothing.
Maybe also a good idea to add to filter just to save a few ticks of processor time.
Thanks!
--
David Matousek
Founder and Chief Representative of Matousec - Transparent security
http://www.matousec.com/
Ron Bowes wrote:
Hans Nilsson wrote:
That might be prudent. I noticed that the --interactive flag doesn't
seem to be blacklisted and you can execute shell-commands from there and
everything. But it might not be an issue.
I'm not sure if you can send commands with --interactive, but you're
right, it seems dangerous.
Another idea -- don't allow people to scan the local network
(192.168.0.0/24). Just a suggestion :)
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
- Re: Nmap Online, (continued)
| 
Intro
