Raw sockets in Windows Client vs Windows Server?

["Luis MartinGarcia." <luis.mgarc () gmail com>]

Hi all,

As you all know, raw sockets are restricted on Windows Client machines.
For that reason, on Windows, Nmap injects packets at the Ethernet level.
While this works, it limits the type of network devices and network
configurations that users can have if they want to run Nmap.

However, Windows Server 2003, 2008, 2008R2 (and probably the new 2012)
do not limit raw sockets (at least according to
http://msdn.microsoft.com/en-us/library/windows/desktop/ms740548%28v=vs.85%29.aspx).

So my email is basically to see if there is any interest on
differentiating Windows Client and Windows server, or it isn't worth the
pain. I'm not saying I want to work on this myself, just that we could
add an item to the todo list if there is any interest. What do you think?

Regards,

Luis MartinGarcia.


PS:  By the way, it is possible to get the OS version at runtime using
GetProductInfo(). Details at:
http://msdn.microsoft.com/en-us/library/ms724358.aspx Also, an
implementation example is available here:
http://msdn.microsoft.com/en-us/library/ms724429.aspx. However, the
problem is a lot more complex than detecting the OS version at runtime,
because at compile-time some code would need to be compiled on all
windows versions, while some other would only need to be compiled for
the client version.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/