Nmap Development mailing list archives
Nmap ideas thrown around on IRC
From: doug () hcsw org
Date: Tue, 22 Apr 2008 11:44:54 -0700
Hi nmap-dev,

Here are some snippets from a conversation between me (Fractal) and Diman (HET2) with some nmap ideas:

<HET2> if i was a student this soc
<HET2> i'd have applied for the mobile nmap stuff
<HET2> nmap on my nds /me muses
-:- You have new email.
<Fractal> ya that would be fun
-:- You have new email.
<Fractal> i wouldn't mind seeing priv. sep. in nmap
<HET2> priv sep?
<HET2> what's that
<Fractal> privilege separation
<Fractal> so instead of doing scans as root it would fork off a process, chroot(), drop UID/GID
<Fractal> possibly set NOFILE rlimit to 0 so it can't open more sockets
<Fractal> and return results to root process via a pipe(2)
<HET2> hmm
<Fractal> just in case any bugs discovered in nmap
<HET2> what's the advantage
<HET2> yeah well, the forked process will run as root, wouldn't it
<HET2> :)
<Fractal> you aren't running a potentially vulnerable process as root
<Fractal> not necessarily
<Fractal> you could open the necessary pcap/dnet descriptors
-:- You have new email.
<Fractal> and then drop privileges and run as nobody
<HET2> hmm
<HET2> that sounds like a good idea
<HET2> only thing is
<HET2> i've seen the sources to Nsock
<HET2> and i doubt anyone would find it fun to work on them
<Fractal> hmm.. well nsock prolly wouldn't need to be changed..
<Fractal> but ya i agree would be a lot of work
<HET2> it would be outside of nsock?
<Fractal> well nsock is mostly just a callback library that will work fine no matter the UID of the process
<HET2> it's probably a very good idea
<HET2> but
<Fractal> like i'm thinking the fork() would take place before starting NSE for instance
<HET2> i'd much rather have someone rewrite output.cc
<Fractal> yes!
<HET2> and NmapTable.cc
<Fractal> that code is awful
<Fractal> output.cc i mean
<Fractal> hack after hack and it shows :)
<HET2> fyodor should have made the table row wise, not col wise
<HET2> it would have solved so much woes
<HET2> also
<Fractal> ya.. i think we should have some sort of DOM-like data structure
<HET2> real xml support would be neat also
<HET2> yeah
<Fractal> host["localhost"].state = "UP";
<Fractal> host["localhost"].tcp.port[80].state = "FILTERED";
<HET2> printf("<port state=\"%s\"/>", state)
<HET2> !!!
<Fractal> heh ya it's pretty smelly :)
<HET2> if tim berners lee saw that we'd be out of the window
<Fractal> haha
-:- You have new email.
<HET2> actually
<HET2> i've been pondering
<HET2> if it isn't a good idea to make all the output in lua
<Fractal> mind if I cc nmap-dev a log of these ideas?
<HET2> not at all
<Fractal> wut you mean re: lua output?
<HET2> have output.cc in lua
<HET2> you give the lua interpreter a data structure with the results
<HET2> and lua constructs the output
-:- You have new email.
<Fractal> interesting.. what's the advantage?
<HET2> you get the advantage of anonymous functions and all that
<HET2> it's not like it is performance critical ...
<jurand> afternoon
<HET2> i am wondering if patrick will fix the scheduling problems
<Fractal> jurand - hello
<HET2> nse gets into endless loops sometimes and we still don't know why exactly
<HET2> hi jurand
<Fractal> interesting.. hopefully the debugger will help
<HET2> not really
<HET2> it's some awkward concurrency issue
-:- You have new email.
<Fractal> oh i see.. ya those can be very hard to track down

Come visit us on #nmap @ EFnet (efnet.demon.co.uk irc.prison.net efnet.xs4all.nl etc).

Doug (Fractal)
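The privilege-separation sketch from the log above (fork a worker, chroot(), drop UID/GID, set the NOFILE rlimit to 0, return results to the privileged parent over a pipe(2)), as an added C example written for this archive page; it is not nmap code. The temporary jail directory, the nobody account (with a 65534 fallback) and the open("/dev/null") probe are this example's own assumptions; it also runs unprivileged, in which case the chroot/setuid steps are skipped.

```c
/* Privilege-separated worker: chroot, drop uid/gid, NOFILE=0, results via pipe(2). */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* chroot into `jail` and become `user` (falling back to uid/gid 65534 if the
 * account is missing); a no-op unless we are root, so the demo also runs unprivileged. */
static int drop_privileges(const char *user, const char *jail) {
    if (geteuid() != 0) return 0;
    struct passwd *pw = getpwnam(user);           /* look up before chroot hides /etc */
    uid_t uid = pw ? pw->pw_uid : 65534; gid_t gid = pw ? pw->pw_gid : 65534;
    if (chroot(jail) != 0 || chdir("/") != 0) return -1;
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0) return -1;
    return setuid(0) == 0 ? -1 : 0;               /* must not be able to climb back */
}

/* Returns 1 when the worker reported it can no longer open descriptors and its
 * result reached the parent intact, 0 otherwise. */
static int privsep_demo(void) {
    int fds[2], status = 0;
    char jail[] = "/tmp/privsep.XXXXXX", result[64] = {0};
    if (!mkdtemp(jail) || pipe(fds) != 0) return 0;
    pid_t pid = fork();
    if (pid == 0) {                                   /* sandboxed worker */
        close(fds[0]);
        if (drop_privileges("nobody", jail) != 0) _exit(2);
        struct rlimit rl = { 0, 0 };
        if (setrlimit(RLIMIT_NOFILE, &rl) != 0) _exit(3);
        /* inherited fds keep working; any new open()/socket() now fails (EMFILE) */
        int probe = open("/dev/null", O_RDONLY);
        char msg[64];
        int n = snprintf(msg, sizeof msg, "blocked=%d errno=%d", probe == -1, probe == -1 ? errno : 0);
        _exit(write(fds[1], msg, (size_t)n) == n ? 0 : 4);
    }
    close(fds[1]);                                    /* privileged parent */
    ssize_t got = read(fds[0], result, sizeof result - 1);
    close(fds[0]);
    rmdir(jail);
    if (waitpid(pid, &status, 0) < 0 || got <= 0) return 0;
    return WIFEXITED(status) && WEXITSTATUS(status) == 0 && strncmp(result, "blocked=1", 9) == 0;
}
int main(void) { puts(privsep_demo() ? "worker sandboxed" : "privsep failed"); return 0; }
```

Descriptors such as the pcap/dnet handles would be opened in the parent before the fork and inherited by the worker, which is why the NOFILE limit of 0 does not break them.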
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org