Nmap Development mailing list archives
Re: nping notes
From: Djalal Harouni <tixxdz () opendz org>
Date: Sun, 15 Apr 2012 14:03:30 +0100
Hi,

Thanks for sending this, I'll add a note to complaint (2)

On Sat, Apr 14, 2012 at 09:36:09PM -0700, dan farmer wrote:
[...]
> 2) Different and almost invisible but important behavior based on intangibles is a really, really bad idea. Yes, Nmap does this too, and I've already griped to Fyodor about it long ago (see what good it did there!) But to have nping do one thing when you're root and a very different thing as a normal user in the most common option of them all is guaranteed to confound and garner negativity. I'm talking about the simple:
>
> $ nping example.com
>
> Vs. the very different:
>
> # nping example.com
>
> The difference here, if not clear, is the prompt; the euid of the user, whether priv'd or not (actually I think sometimes it's euid, and other times permissions on the dev). I'll talk about this more later. But suffice it to say that invisibly toggling behavior and changing output based on euid (or w/e is used) is not a very friendly thing to do, and certainly against the unix tradition (shaking my cane!) I had no idea why it was doing tcp pings by default then found out as root it did icmp by default. I'd much

There is the new ICMP ECHO with sockets on Linux [1] which can be used for unprivileged/privileged users.

> rather get an error as an unpriv'd user. FWIW, IMHO, etc.
>
> (FWIW/FYI, on some linux systems, you can do "# cp /bin/ping /tmp/tmp-ping; setcap 'cap_net_raw=+ep' /tmp/tmp-ping" and /tmp/tmp-ping will work like normal ping, even w/o SUID bit.)

I agree, and IMO root should drop to capabilities by default if they are supported. If cap_net_raw is there then Nmap also must use it, this way we also protect all this code Nping, Nmap/NSE (scripts and libraries) ... from any abuse.

[1] http://thread.gmane.org/gmane.linux.kernel/1139863

--
tixxdz
http://opendz.org
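As an added example (not code from nping, Nmap, or either poster), one way a tool can report explicitly which ICMP echo path is available instead of silently changing probe type with the euid: it tries a raw socket, then the Linux SOCK_DGRAM ICMP socket, and otherwise exits with an error. The function names and the use of the `net.ipv4.ping_group_range` sysctl to explain the result are assumptions of this example.

```c
/* Added example (not nping's code): make the ICMP echo mode explicit. */
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

enum icmp_mode { MODE_NONE, MODE_DGRAM, MODE_RAW };

/* Parse ping_group_range text ("low high"): 1 if gid is inside the range,
 * 0 if not, -1 if malformed. The kernel default "1 0" is an empty range. */
int gid_in_ping_range(const char *text, gid_t gid)
{
    unsigned long lo, hi;
    if (sscanf(text, "%lu %lu", &lo, &hi) != 2)
        return -1;
    return lo <= hi && gid >= lo && gid <= hi;
}

/* A raw socket needs CAP_NET_RAW (root or setcap); the SOCK_DGRAM ICMP
 * echo socket needs only a group listed in ping_group_range. */
enum icmp_mode probe_icmp_mode(int *err)
{
    int fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
    if (fd >= 0) { close(fd); return MODE_RAW; }
    fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP);
    if (fd >= 0) { close(fd); return MODE_DGRAM; }
    if (err) *err = errno;
    return MODE_NONE;
}

int main(void)
{
    static const char *names[] = { "none", "dgram (unprivileged)", "raw" };
    char buf[64] = "";
    int err = 0;
    enum icmp_mode m = probe_icmp_mode(&err);
    FILE *f = fopen("/proc/sys/net/ipv4/ping_group_range", "r");
    if (f) { if (!fgets(buf, sizeof buf, f)) buf[0] = '\0'; fclose(f); }
    printf("euid=%d egid=%d icmp_mode=%s egid_in_ping_range=%d\n",
           (int)geteuid(), (int)getegid(), names[m],
           gid_in_ping_range(buf, getegid()));
    if (m == MODE_NONE) {   /* fail loudly instead of switching probe type */
        fprintf(stderr, "ICMP echo unavailable: %s\n", strerror(err));
        return 1;
    }
    return 0;
}
```

The kernel also checks supplementary groups against the range, so `egid_in_ping_range=0` alongside `icmp_mode=dgram` is possible.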