Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: nmap issue

Re: nmap issue

From: <bensonk_at_acm.wwu.edu>
Date: Sat, 17 May 2008 10:20:02 -0700

I really don't like the idea of having nmap start something that runs as
a service by default. It's that kind of thing that makes windows
machines all slow and obnoxious after you've installed a few dozen
things. Maybe that's not what you're proposing, but if it is, I
disagree. If it isn't, I apologize for misinterpreting what you said.

Benson

On Sat, May 17, 2008 at 03:32:46PM +0100, Rob Nicholls wrote:
> > -----Original Message-----
> > From: Gianluca Varenni [mailto:gianluca.varenni_at_gmail.com]
> > Sent: 17 May 2008 00:16
> > To: Brandon Enright; Mike pattrick
> > Cc: nmap-dev_at_insecure.org; bmenrigh_at_ucsd.edu
> > Subject: Re: nmap issue
> <snip>
> > if you set the driver npf.sys to start at boot time,
> > you solve the issue, as the driver is already up and running when
> > nmap needs even with non fully elevated privileges (and I think
> > this is what Wireshark does upon installation on Vista).
>
> I've suggested this before when people have come across this issue, as it's
> what I generally do when I've installed Nmap on Vista (as I like to keep UAC
> enabled):
>
> http://seclists.org/nmap-dev/2007/q4/0548.html
>
> As Gianluca points out, this means you can run Nmap as a standard user
> rather than restricting access to Administrators (or UAC nagging every time
> Nmap is invoked), which I think is a lot nicer/cleaner.
>
> I've previously suggested using the installer (which runs elevated) to set
> the registry key to start WinPcap at bootup and then somehow (ideas??) load
> the driver so that it's already up and running (to save the user from having
> to restart their PC or run Nmap/Zenmap elevated in order to load the driver
> immediately after installation):
>
> http://seclists.org/nmap-dev/2007/q4/0553.html
>
> I believe Wireshark uses the official WinPcap installer, but allows the user
> to check a box to change the default registry key (presumably set once
> WinPcap has installed itself with the default key value):
>
> http://www.everythingeverything.co.uk/files/winpcap_services_checkbox.png
>
> I quite like this option, perhaps this question could be added to the Nmap
> Windows installer? I would hope that people using the zip file version of
> Nmap either already have WinPcap installed or are sufficiently technical to
> know about UAC/elevation/the registry setting.
>
>
> Rob
>
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org
>

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  • application/pgp-signature attachment: stored
Received on May 17 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos