Nmap Development mailing list archives
Re: Limit WinPcap use by unprivileged users
From: David Fifield <david () bamsoftware com>
Date: Mon, 27 Sep 2010 19:41:46 -0700
On Mon, Sep 27, 2010 at 01:54:26PM -0700, Gianluca Varenni wrote:
Definitely true. It's a design flaw in WinPcap, and the issue has been on the WinPcap todo list for a long time (years). Technically, it all boils down to applying the proper DACLs to the device objects (\\device\NPF_{GUID}) when they are created by the driver, so that only the admin users are allowed to read/write from such devices, and provide some sort of tool to add/remove users/groups allowed to access the devices (in practice work like the /dev/bpf devices under BSD and probably something similar to Linux).
So in principle it's possible to create an admin-only version of WinPcap, even if the tools for managing the set of allowed users don't yet exist? I think this would be an interesting development branch, even if just a proof of concept for the time being. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Limit WinPcap use by unprivileged users David Fifield (Sep 24)
- Re: Limit WinPcap use by unprivileged users DePriest, Jason R. (Sep 24)
- Re: Limit WinPcap use by unprivileged users David Fifield (Sep 24)
- Re: Limit WinPcap use by unprivileged users Patrik Karlsson (Sep 25)
- Re: Limit WinPcap use by unprivileged users Gianluca Varenni (Sep 27)
- Re: Limit WinPcap use by unprivileged users David Fifield (Sep 27)
- Re: Limit WinPcap use by unprivileged users Fyodor (Sep 28)
- Re: Limit WinPcap use by unprivileged users Gianluca Varenni (Sep 30)
- Re: Limit WinPcap use by unprivileged users David Fifield (Sep 24)
- Re: Limit WinPcap use by unprivileged users DePriest, Jason R. (Sep 24)