Who uses the Nmap Windows silent install feature, and why?

[Fyodor <fyodor () nmap org>]

Hi folks!  We were thinking of making some changes to the little-known
"silent" install feature of the Nmap Windows installer (the /S command-line
option), but I wanted to check first who (if anyone) is using it now, and
why?  Basically there are a couple problems with having this feature:

1) This doesn't happen a lot, but sometimes malware/rootkits/botnets will
either include Nmap or have the compromised system download it as needed
and then install Nmap with /S so the actual system user/owner isn't aware
of it.  This is undesirable for many reasons, but a particular concern is
that it could hurt the reputation of our new EV codesigning certificate if
the Windows Nmap installer we distribute is used for malicious purposes
like this.    Of course the malware could make their own installer or
install Nmap on the system manually, but that's more work for them and at
least they can't sign it with our key in that case. So systems like MS
SmartScreen are more likely to detect it and warn the user.

2) The Nmap license does not allow companies to redistribute Nmap within
proprietary software unless they buy a special license for that.  The idea
is that everyone who redistributes Nmap should either be giving back by
making their own software open source too, or by buying a license which
helps fund the project.  Of course some companies try to illegally sneak
Nmap into their products anyway.  They usually install in silent mode so
the Nmap screen doesn't pop up and give them away.

One obvious "solution" to these problems is just to remove the /S option
from the Nmap Windows installer and make an OEM installer for legitimate
redistributors.  But we don't want to do that without first asking whether
anyone here actually uses /S for good/important purposes?

Cheers,
Fyodor

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/