Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Nmap Development: Re: Nmap and WinPcap

Re: Nmap and WinPcap

From: Andreas Ericsson <ae_at_op5.se>
Date: Wed, 17 Jan 2007 10:35:05 +0100

Fyodor wrote:
> On Thu, Jan 11, 2007 at 04:48:10PM -1100, Hans Nilsson wrote:
>> Here's a version of Nmap that doesn't require WinPcap anything:
>> http://www.download.com/PacketStuff-Network-Toolkit/3000-2085_4-10428838.html
>>
>> You could also take a look at the developers website:
>> http://web.archive.org/web/20060427203232/http://www.packetstuff.com/
>
> While I think the developer means well, it is worth noting that
> distributing GPL-based tools linked to proprietary libraries is a
> copyright violation. It also must be using an ancient version of Nmap
> given that the package was added to download.com in 2005.
>
> That package links to the Packet Snifer SDK [1], which allows for
> Winpcap-comapatable features in a staticly linked library (rather than
> having to install WinPcap). For all I know, there product may be
> based on WinPcap code (their BSD-style license allows it). The
> WinPcap folks themselves have a somewhat-similar product named WinPcap
> professional [2]. I don't know if WinPcap pro can do static linking,
> but it at least works as a stand-alone DLL which eliminates the need
> to install WinPcap separately.
>
> I suppose (if we wanted to) we could add an exception to the Nmap
> license allowing linking to Packet Sniffer SDK or WinPcap Pro, just
> like the current OpenSSL exception. But I'm hopeful that the free
> version of WinPcap will gain this feature at some point. If nobody
> else adds it before this, maybe it can be a Google SoC student
> project.
>

I was under the impression that the license violation occurred to the
proprietary library in this case (ie, the plaintiff in an imaginary
court-case would be Packet Sniffer SDK's creators). AFAIK, GPL doesn't
prevent GPL'd code from linking to non-GPL libraries, only the other way
around (readline is GPL'd; you can't write programs that use it and not
GPL those programs). 

-- 
Andreas Ericsson                   andreas.ericsson_at_op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Jan 17 2007
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]