Nmap Hackers: nmap front end feedback

nmap front end feedback

From: Alvin Oga <alvin.sec_at_Mail.Linux-Consulting.com>
Date: Sun, 24 Jun 2001 14:41:54 -0700 (PDT)

hi nmap-experts

thank you for the 1000's of feedback scans that you
all did.... ( geez what a response )...
        - added some additional "throw away characters" in the "hostname"
        ( % and - )

- my motivation for the frontend...
        - i got tired of looking at the nmap man pages
        each time i wanted to scan one of my new hosts/clients etc..

        it also helps some ( me included ) to tighten up their boxes
        and turn things off that were supposed to have been off ...

        - and needed to give them managers a nice look-n-feel
        ( nice is all relative of course..

anyway, yes, i concur that allowing people sorta anonymous
nmap scans of other hosts is bad ...
        - i equally hate "login required" before scanning
                ( maybe add the ip# field for those that do login ??
                ( but does NOT solve the problem of scanning
                ( [cr/h]ackers can login too

        - it's trivial to disallow entering the ip#
        ( problem was the static webpage nmap.test.html to initialize
        ( the nmap scan vs running the script to begin with
        (
        ( http://.../cgi-bin/nmap_check.pl?IP=1.2.3.4 was/is missing
        ( the first time thru .. that's why i picked "localhost" to start

        - it's trivial to also disallow too many scans from a person

        - we can also disallow the hackers/crackers ip in the
        httpd.conf files ??

        - if it gets to be too much of an admin issue...
        ( the input field will disappear ...

- the script can also be run manually from the command line...
  though i haven't checked it lately

- if the hacker/abuser wants to scan their potential target host
  they can already run nmap anyway ?? and probably have
  many staging machines ???

- if the legit user does not have lynx or netscape on the target
  host ... it makes it harder to scan and check that host ...
        so i liked the idea of entering an ip# ...

- as for duplicating the script etc for your own network ...
  you'd need the following...
        - perl and nmap
        - sudo ( took me a while to figure it out - the fun part )

        - php or equivalent...
        ( since i don't know php... i use my own whacky dynamic webpage
          generator ( gwif )

        - i can tar up the files for you to download and install etc
        but there is NO support for "howto" change the gwif files

        - if you see a *.gwif.html file on this site ... the "real
          webpage" is the *.gwif .... the html version is generated by
          the gwif binary ...

        ( gopher-web-intermediate-file ..... gopher was 100x bigger in
          those days

thanx again for your feedback ... hope it helped some of you
alvin
http://www.Linux-Sec.net/Audit/nmap.test.html

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
Received on Jun 25 2001
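
Added example, not part of the original post and not the nmap_check.pl script it describes: one way a scan front end can handle the IP= parameter and the "too many scans from a person" limit mentioned above, by parsing the value as a literal IPv4 address inside an operator-defined range instead of stripping individual characters. It is written in Python rather than Perl; the function names, ALLOWED_NETS, MAX_SCANS and WINDOW_SECONDS are hypothetical values chosen for illustration.

```python
import ipaddress
import time
from collections import defaultdict, deque

# Assumed policy values (hypothetical, not from the post).
ALLOWED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # stand-in for the hosts you administer
MAX_SCANS = 3            # accepted scans per client ...
WINDOW_SECONDS = 3600    # ... within this sliding window
_recent = defaultdict(deque)  # client address -> timestamps of accepted scans


def parse_target(raw):
    """Return an IPv4Address for the IP= value, or None if it must be refused."""
    if not isinstance(raw, str):
        return None
    try:
        addr = ipaddress.IPv4Address(raw)  # rejects names, spaces, '%', '-', ';' ...
    except ValueError:
        return None
    # Only addresses inside the operator's own ranges may be scanned.
    if not any(addr in net for net in ALLOWED_NETS):
        return None
    return addr


def allow_client(client, now=None):
    """Sliding-window limit: at most MAX_SCANS per client per WINDOW_SECONDS."""
    now = time.time() if now is None else now
    q = _recent[client]
    while q and now - q[0] >= WINDOW_SECONDS:
        q.popleft()
    if len(q) >= MAX_SCANS:
        return False
    q.append(now)
    return True


def build_scan_argv(raw_target, client, now=None):
    """Return the argument list for one scan, or None if the request is refused."""
    addr = parse_target(raw_target)
    if addr is None:          # a refused target does not use up the client's budget
        return None
    if not allow_client(client, now):
        return None
    # A list for subprocess.run(argv) without a shell; the target is a normalised address.
    return ["nmap", str(addr)]
```

Because the target is re-emitted from the parsed address object, nothing the client typed reaches the command line verbatim.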
