Nmap Announce mailing list archives
Re: nmap..... via web
From: Simple Nomad <thegnome () nmrc org>
Date: Fri, 19 Feb 1999 17:24:43 -0600 (CST)
[ snip ]
also you probably should hack nmap so that it runs suid root and drops privs immediately after opening up a raw socket and a pcap file descriptor. in any application like this you have to assume that someone
[ snip ] If the server is Linux, you can use either my nmrcOS kernel patch or simply get Route's SPLIT GID patch from Phrack 52's article on securing the Linux kernel (Route's SPLIT GID patch is in mine). You could set your nmap up as SGID group 16 owned by nobody. The SPLIT GID patch allows anyone in group 16 to do raw socket stuff. See http://www.phrack.com/ and get p52 file 06 or check out http://www.nmrc.org/nmrcOS/ Simple Nomad // "When viewed as a metaphor for the human thegnome () nmrc org // condition, the humble GNU C compiler www.nmrc.org // becomes an endless enigma."
Current thread:
- Re: nmap..... via web, (continued)
- Re: nmap..... via web MadHat (Feb 18)
- Re: nmap..... via web Andrew Brown (Feb 18)
- Re: nmap..... via web ajax (Feb 18)
- Re: nmap..... via web Fyodor (Feb 19)
- Re: nmap..... via web ajax (Feb 19)
- Re: nmap..... via web David G. Andersen (Feb 19)
- Re: nmap..... via web Lamont Granquist (Feb 19)
- Re: nmap..... via web Fyodor (Feb 19)
- Re: nmap..... via web Lars Marowsky-Bree (Feb 19)
- Re: nmap..... via web ajax (Feb 19)
- Re: nmap..... via web MadHat (Feb 18)
- Re: nmap..... via web Simple Nomad (Feb 19)
- Re: nmap..... via web HD Moore (Feb 19)
- Re: nmap..... via web ajax (Feb 18)