[PATCH] Windows Installer Improvements

["Rob Nicholls" <robert () everythingeverything co uk>]

> Can anyone confirm that we can still install Nmap (and WinPcap) silently?

I discovered how to perform a silent install, using /S D="C:\Program
Files\Nmap\" for example, so I was right that the current installer no
longer installs WinPcap silently.

Attached is a patch that covers the following:

 - Fixed the Nmap installer so installing Zenmap without installing Nmap
Core Files no longer produces an error message:
"Error opening file for writing:
\zenmap\COPYING"
This was done by adding SetOutPath and SetOverwrite to the Zenmap section,
which is normally set by the Nmap Core Files section.

 - Identical to above, added the same two lines to the WinPcap and Network
Performance Improvements sections, so that the files are written to the
$INSTDIR so we're able to execute them (they were previously written to
the root of the drive and silently failing when the filenames were called
expecting to find them in the $INSTDIR).

 - Fixed the Nmap installer so it silently invokes the WinPcap installer
if the Nmap installer was called silently. Given that no one appears to
have noticed this oversight for several months (possibly dating back to
August last year?), it does seem to add weight to switching to the
official WinPcap installer ;-)

 - Tweaks to the wording/descriptions (added a description for Zenmap, for
example) in Nmap's installer. Feel free to tweak any of the new wording
or revert the changed text.

 - The WinPcap installer now registers the npf service (using sc.exe) on
non-Windows 2000 systems (i.e. XP and above). This saves a reboot to get
WinPcap running (e.g. useful for XP users that are running as Admin and
want to use Nmap before their next reboot). Windows 2000 users will still
have to rely on a reboot, as per the original installer behaviour. Mind
you, people running Windows 2000 should be used to reboots ;)

 - The Nmap installer now waits for the WinPcap installer to finish
installing before continuing the install process. This ensures that the
files are in place before the user can click Next. This takes them to the
new WinPcap Options page, which allows users to start WinPcap's "npf"
service immediately and set it to load at startup. These checkboxes are
unchecked on non-Vista/2008 machines; Vista/2008 users are presented with
slightly different text and the checkboxes are checked by default. NB: A
silent install appears to skip the custom pages, so the "recommended"
settings do not take effect (i.e. the service isn't started and does not
start at startup). On a related note, the shortcuts don't get created
either during a silent install. This custom page means the addition of
two new ini files to be used by InstallOptions (unless someone can come
up with a more elegant solution?).

 - The Nmap installer now has a Finish page. This means users that just
install Nmap Core Files no longer click Next and see the installer
somewhat unexpectedly disappear. It also allows me to sort out the
behaviour of the Back and Next buttons on the WinPcap/Shortcut pages that
only appear if the sections were selected (the WinPcap settings and
shortcuts are only created on whichever page precedes the final page with
the Finish button, as I didn't like the idea of users not being able to
go back each time they hit Next). Again, any suggestions to improve upon
the wording would be appreciated.

I'm sure people will let me know if there are any problems applying the
patch. Hopefully this makes the installer more user friendly, especially
for Vista users that were seeing the dnet error message. A silent
installation (even on Vista/2008) won't start the service immediately or
on startup, which should alleviate the security concerns of running
WinPcap at startup when silently deploying Nmap across a network.


Rob

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org