On Sat, Oct 13, 2007 at 04:35:12PM -0500, Kris Katterjohn wrote:
Hey Eddie, do you think you can use IP_TTL for --traceroute as well?
He would need a way to receive the TTL exceeded messages too. I was
about to say "if that was possible, the traceroute program wouldn't
need to be setuid". But then I noticed that my /bin/traceroute ISN'T
setuid and still seems to work as an unprivileged user. Hmm. An
strace of traceroute shows stuff like:
setsockopt(6, SOL_IP, IP_RECVTTL, , 4) = 0
setsockopt(6, SOL_IP, IP_TTL, , 4) = 0
setsockopt(6, SOL_IP, IP_RECVERR, , 4) = 0
So maybe it is possible. Whether it is worth adding that support to
Nmap depends on how portable it is and how much code is needed.