Nmap Announce mailing list archives

Re: nmap..... via web

From: don () mars dgrc crc ca (Donald McLachlan)
Date: Mon, 22 Feb 1999 14:21:17 -0500

From: Lars Marowsky-Bree <lmb () teuto net>

On 1999-02-19T12:13:31,
   Lamont Granquist <lamontg () raven genome washington edu> said:

since so many people seem to be trying to use nmap for these kinds of
things maybe nmap needs these patches in the development tree...


No. IMNSHO, these people need some common sense. Triggering an nmap scan via
WWW ? Hello? *knock knock* Can you say DoS ? Can you say "exploit" ?


The legitimate use I can see is to test whether your firewall is really
doing what you think.  The best way is to test fron a foreign source address
(web server out on the Internet).

If the web page would only scan the single host the http connection is
from, and had "buttons" to select options for TCP/UDP/etc I think this
should be a fairly safe and useful tool.

Don

Current thread:

Re: nmap..... via web Joel Gridley (Feb 19)
- <Possible follow-ups>
- Re: nmap..... via web Holger Heimann (Feb 19)
- Re: nmap..... via web Donald McLachlan (Feb 22)
  - RE: nmap..... via web Frank Miller (Feb 22)
  - RE: nmap..... via web Russell Evans (Feb 26)
- RE: nmap..... via web Kris Northern (Feb 22)
- Re: nmap..... via web Daemor (Feb 22)
  - Re: nmap..... via web Philip Ehrens (Feb 23)