Nmap Announce mailing list archives

Re: nmap..... via web

From: CyberPsychotic <mlists () gizmo kyrnet kg>
Date: Fri, 19 Feb 1999 10:03:21 +0500 (KGT)

~ I'd like to setup nmap, for OS guessing, via a web form. Mainly so people
~ within my company, can goto the web, type a host, it will try to guess its
~ OS, and return it to them.

I think this has been already done at www.netcraft.com. You may check it
out or contact these guys.


~ Second, apache runs as nobody.. Need root to do a tcp fingerprint.. Any
~ ideas on that?
~ 
good idea is to have nmap with setuid bit on, and the privilegies should
be dropped right after the SOCK_RAW was created. (since no other things I
think will require that). (the similar thing is used in ping and
traceroute).


Make sure however, if you are not the only user of your system, that no
other ordinary user will have permittions to execute it.

--
fygrave () tigerteam net                http://www.kalug.lug.net

Current thread:

Re: nmap..... via web, (continued)
- - - Re: nmap..... via web Fyodor (Feb 19)
    - Re: nmap..... via web ajax (Feb 19)
    - Re: nmap..... via web David G. Andersen (Feb 19)
    - Re: nmap..... via web Lamont Granquist (Feb 19)
    - Re: nmap..... via web Fyodor (Feb 19)
    - Re: nmap..... via web Lars Marowsky-Bree (Feb 19)
    - Re: nmap..... via web ajax (Feb 19)
    - Re: nmap..... via web Simple Nomad (Feb 19)
    - Re: nmap..... via web HD Moore (Feb 19)
    - Re: nmap..... via web ajax (Feb 18)
  - Re: nmap..... via web CyberPsychotic (Feb 18)