Nmap Development mailing list archives
Re: Should nmap fall back to -sT if we can't perform a raw scan?
From: Fyodor <fyodor () nmap org>
Date: Thu, 1 May 2014 16:57:27 -0700
On Tue, Apr 29, 2014 at 4:18 AM, Jacek Wielemborek <d33tah () gmail com> wrote:
List,

On my system, nmap's executable has selinux privileges allowing it to perform raw scans, which I turn on by default by exporting NMAP_PRIVILEGED="1". Today I noticed that this setup breaks scanning localhost:

[13:16:20][~/workspace/nmap-svn]$ ./nmap --privileged localhost

Starting Nmap 6.46 ( http://nmap.org ) at 2014-04-29 13:16 CEST
socket troubles in Init: Operation not permitted (1)

Perhaps we need to fall back to -sT in some cases, such as this one?
Hi Jacek. That's a good point but, on the other hand, Nmap would have used -sT by default. Except you specified --privileged, which tells Nmap to assume it has all the privileges it needs to do a raw scan. Which it didn't, in this case. So I don't know if Nmap should second guess the user in these cases. Three other options are:

1) You could change SELinux so that the extra privileges work for localhost too (and maybe creating a secwiki page detailing what you've done would be great)
2) You could not specify --privileged, at least for cases like this where it won't work
3) You can manually specify -sT

Cheers,
Fyodor
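The fallback discussed in this thread can also be done outside Nmap. The wrapper below is an added example, not part of either message and not Nmap code: it retries with -sT only when the privileged run fails with the error text quoted above and no raw scan type was requested explicitly. It assumes nmap is on PATH and that this failure exits non-zero with that text in its output; the function names are hypothetical.

```python
import subprocess
import sys

# Error text copied from the failing run quoted in the thread.
RAW_DENIED = "Operation not permitted"
# Letters after -s that select raw-packet scan techniques (e.g. -sS, -sU).
RAW_SCAN_LETTERS = set("SAWMUNFXYZOI")


def run_nmap(args):
    """Run nmap (assumed to be on PATH); return (exit_code, combined output)."""
    proc = subprocess.run(["nmap", *args], stdout=subprocess.PIPE,
                          stderr=subprocess.STDOUT, text=True)
    return proc.returncode, proc.stdout


def asks_for_raw_scan(args):
    """True if the caller explicitly requested a scan type that needs raw packets."""
    return any(a.startswith("-s") and RAW_SCAN_LETTERS & set(a[2:]) for a in args)


def scan(args, runner=run_nmap):
    """Try a privileged scan; fall back to -sT only when raw sockets are refused
    and the caller did not explicitly ask for a raw scan type."""
    code, out = runner(["--privileged", *args])
    if code == 0 or RAW_DENIED not in out:
        return "privileged", code, out
    if asks_for_raw_scan(args):
        # Respect the explicit choice and report the original error.
        return "privileged", code, out
    code, out = runner(["--unprivileged", "-sT", *args])
    return "connect", code, out


if __name__ == "__main__":
    mode, code, out = scan(sys.argv[1:])
    print(f"[wrapper] scan mode: {mode}", file=sys.stderr)
    sys.stdout.write(out)
    sys.exit(code)
```

An explicit raw scan type such as -sS is never downgraded, so the wrapper does not second guess a deliberate choice.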