Re: Nping 0.1BETA2 Released

["Luis M." <luis.mgarc () gmail com>]

Hi Dirk,


Dirk Loss wrote:
> Hi,
>
> some initial feedback on Nping 0.1BETA2, mainly on documentation:
>
> Installation on Mac OS X 10.5.8 was very easy using the .dmg file
>
> The man page is awesome. Really exhaustive, still very readable and it
> teaches a lot about all the different packets and their usage.
> Well done!
>
> The attached patches (against r15209) include some minor corrections
> to the man page and the help screen. Please take them as suggestions,
> because English is not my native language.

Great! Thanks a lot for the patches. I've reviewed them and they look
great, I've just applied them.


> Could a "-vvv" syntax be supported in addition to "-v -v -v" and
> "-v3"? I think this would make it more consistent with Nmap.
> Same with -d and -q. Moreover the verbosity levels do not seem to
> influence output in --unprivileged mode. A note in the man page could
> be helpful.

Yes, you're right, Nping should also support that syntax. I'll add it to
the to-do list right away.


> Why does --udp automatically decide when to use raw sockets and --tcp
> does not? To put it another way: Why do we need --tcp-connect if we do
> not need --udp-sendto?

Well, it's actually the other way around. When --tcp is specified, Nping
always tries to use raw sockets so if the user does not have raw socket
privileges, gets an error message. If users want to do simple connect()s
they need to supply --tcp-connect explicitely (unless they are
unprivileged users and didn't specify any mode, in which case, Nping
chooses tcp-connect automatically). However, with UDP the behaviour
changes.  If an unprivileged user  runs "nping --udp google.com" , then
Nping uses "UDP Unprivileged mode", which basically means that it will
only call sendto() using a regular socket. If user has root privileges
then an IP header and a UDP header will be created and they'll be
transmitted through a raw socket.

I think we may need to change the behaviour so it's consistent in all
cases. What about:

 - User is unprivileged and did not supply mode:  --> Use TCP-Connect
 - User is unprivileged and supplied --tcp --> Use TCP-Connect
 - User is unprivileged and supplied --upd --> User UDP unprivileged
 - User is root and did not supply mode --> Use ICMP Echo
 - User is root and supplied --tcp --> Use raw sockets TCP
 - User is root and supplied --udp --> User raw sockets UDP
 - User is root and wants to use TCP-Connect --> User needs to either
pass --tcp-connect or --unprivileged
 - User is root and want unprivileged UDP --> User needs to pass
--unprivileged or --udp-XXXXX (any suggestions?. --udp-sendto() may not
be the best idea because when we use raw sockets we also use sendto() to
transmit the data).


> Regards
> Dirk

Again, thanks for your patches and your suggestions.

Regards,


Luis.




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org