Nmap Development mailing list archives
Re: Nmap Online
From: David Matousek <david () matousec com>
Date: Wed, 29 Nov 2006 19:22:14 +0100
Hello, 1) Thanks for --interactive, will be added. It is not a problem even now, because such Nmap session would be killed after timeouted. But of course, it is better to add it. 2) You can not execute shell-commands (erm :) you should not be able to). 3) You can scan local network but the machine firewall will show you nothing. Maybe also a good idea to add to filter just to save a few ticks of processor time. Thanks! -- David Matousek Founder and Chief Representative of Matousec - Transparent security http://www.matousec.com/ Ron Bowes wrote:
Hans Nilsson wrote:That might be prudent. I noticed that the --interactive flag doesn't seem to be blacklisted and you can execute shell-commands from there and everything. But it might not be an issue.I'm not sure if you can send commands with --interactive, but you're right, it seems dangerous. Another idea -- don't allow people to scan the local network (192.168.0.0/24). Just a suggestion :) _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap Online David Matousek (Nov 28)
- Re: Nmap Online Hans Nilsson (Nov 28)
- Re: Nmap Online Diman Todorov (Nov 28)
- Re: Nmap Online Ron Bowes (Nov 28)
- Re: Nmap Online Hans Nilsson (Nov 29)
- Re: Nmap Online Ron Bowes (Nov 29)
- Re: Nmap Online David Matousek (Nov 29)
- Re: Nmap Online Ron Bowes (Nov 29)
- Re: Nmap Online David Matousek (Nov 30)
- Re: Nmap Online Hans Nilsson (Nov 30)
- Re: Nmap Online David Matousek (Nov 30)
- Re: Nmap Online Hans Nilsson (Nov 29)
- Re: Nmap Online Hans Nilsson (Nov 28)