Nmap Announce mailing list archives
Re: nmap..... via web
From: MadHat <madhat () unspecific com>
Date: Thu, 18 Feb 1999 21:19:39 -0600
Make the CGI a perl script that is running SUID perl so it runs as root. Make the perl check to see where they are coming from and that the host they want to scan is inside your network before allowing to continue with the scan. That would be a bit risky if the script isn't written properly, but it should be fairly easy to do. Erik Parker wrote:
I'd like to setup nmap, for OS guessing, via a web form. Mainly so people within my company, can goto the web, type a host, it will try to guess its OS, and return it to them. As for for a cgi, or webform, or whatever needs to be done, I can have someone else figure that out. My to concerns are, What security problems should I expect.. if any.. The site would be restricted via htaccess, for the fact it is a possible DOS that ppl could do. Second, apache runs as nobody.. Need root to do a tcp fingerprint.. Any ideas on that? Cheers, Erik
Current thread:
- install fails. Jeffrey Roberson (Volt Computer) (Feb 18)
- nmap..... via web Erik Parker (Feb 18)
- Re: nmap..... via web MadHat (Feb 18)
- Re: nmap..... via web Andrew Brown (Feb 18)
- Re: nmap..... via web ajax (Feb 18)
- Re: nmap..... via web Fyodor (Feb 19)
- Re: nmap..... via web ajax (Feb 19)
- Re: nmap..... via web David G. Andersen (Feb 19)
- Re: nmap..... via web Lamont Granquist (Feb 19)
- Re: nmap..... via web Fyodor (Feb 19)
- Re: nmap..... via web Lars Marowsky-Bree (Feb 19)
- Re: nmap..... via web ajax (Feb 19)
- Re: nmap..... via web MadHat (Feb 18)
- Re: nmap..... via web Simple Nomad (Feb 19)
- nmap..... via web Erik Parker (Feb 18)