Nmap Development mailing list archives

Re: nmap issue

From: "Gianluca Varenni" <gianluca.varenni () gmail com>
Date: Fri, 16 May 2008 16:16:19 -0700


----- Original Message ----- 
From: "Brandon Enright" <bmenrigh () ucsd edu>
To: "Mike pattrick" <mpattrick () rhinovirus org>
Cc: <nmap-dev () insecure org>; <bmenrigh () ucsd edu>
Sent: Friday, May 16, 2008 3:38 PM
Subject: Re: nmap issue

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 16 May 2008 18:36:20 -0400
"Mike pattrick" <mpattrick () rhinovirus org> wrote:

Oops, I sent the previous copy of this to Fyodor only instead of the
nmap-dev list.

I guess this is a completely loaded suggestion as implementation would
be difficult, but you could bypass UAC if nmap's scanner was
implemented as a service.

Sincerely,
Michael Patrick


Correct me if I'm wrong (Gianluca?), but you don't need to make Nmap a
service as long as WinPCAP is installed and running as a service.


Strictly speaking, WinPcap is *not* a service. The component that requires 
admin privileges to be started is the kernel driver npf.sys, which is 
managed almost exactly as a service by Windows (as all the non-PnP kernel 
drivers). In any case, if you set the driver npf.sys to start at boot time, 
you solve the issue, as the driver is already up and running when nmap needs 
even with non fully elevated privileges (and I think this is what Wireshark 
does upon installation on Vista). Otherwise, you can simply embed a manifest 
in the executable to ask for privilege elevation, but the user needs to 
authorize nmap to run at every single execution.

Have a nice day
GV


Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkguDO0ACgkQqaGPzAsl94JReQCgrF4cb/FLBkV9AyV0S+azNm3J
PIsAn2gdJdeGLAxdElLd/YcGO6V7H2VJ
=c95T
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

nmap issue Chris Detzel (May 15)
- RE: nmap issue Aaron Leininger (May 15)
  - RE: nmap issue Chris Detzel (May 15)
    - Re: nmap issue Gianluca Varenni (May 15)
    - RE: nmap issue Chris Detzel (May 16)
    - Re: nmap issue Fyodor (May 16)
    - Message not available
    - Re: nmap issue Mike pattrick (May 16)
    - Re: nmap issue Brandon Enright (May 16)
    - Re: nmap issue Gianluca Varenni (May 16)
    - RE: nmap issue Rob Nicholls (May 17)
    - Re: nmap issue bensonk (May 17)
    - RE: nmap issue Rob Nicholls (May 17)
    - Re: nmap issue bensonk (May 17)
    - Unofficial WinPcap Installer Issue Rob Nicholls (May 19)
    - Re: Unofficial WinPcap Installer Issue jah (May 19)
    - Re: Unofficial WinPcap Installer Issue Gianluca Varenni (May 19)
    - RE: Unofficial WinPcap Installer Issue Rob Nicholls (May 19)
    - Silent Installation? Rob Nicholls (May 20)
    - Message not available
    - [PATCH] Windows Installer Improvements Rob Nicholls (May 21)

(Thread continues...)