RE: SP2 and NMAP

["Castigliola, Angelo" <ACastigliola () unumprovident com>]

Microsoft told Fyodor the reason they disabled raw sockets in SP2 was:

"We have removed support for TCP sends over RAW sockets in SP2. We
surveyed applications and found the only apps using this on XP were
people writing attack tools."

Thor:

"Fyodor also said to try the --win_norawsock option worked in most
cases."

Paul Wobbe:

"I have found that I you set Namp to "do not ping" the IP and "do not
detect the OS" it works wit SP2."

Angelo Castigliola III
Operations Technical Analyst I
UnumProvident IT Services
207.575.3820
 
-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of PJ
Sent: Thursday, August 12, 2004 9:01 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] SP2 and NMAP
Importance: High

FYI... The current NMAP (Windows) version is now broken when applying
SP2.
MS has disabled the use of RAW packets... Details can be found on
insecure.org (by Fyodor).
... But then NMAP also ran on Win95 which did not support RAW packets -
thus
maybe a patched version will be available in the future.


Before someone says it ... I will.  You should be running Linux anyway
if
you want real functionality.

PJ

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html