Nmap Announce mailing list archives

Re: nmap..... via web

From: Simple Nomad <thegnome () nmrc org>
Date: Fri, 19 Feb 1999 17:24:43 -0600 (CST)


[ snip ]

also you probably should hack nmap so that it runs suid root and drops
privs immediately after opening up a raw socket and a pcap file
descriptor.  in any application like this you have to assume that someone


[ snip ]

If the server is Linux, you can use either my nmrcOS kernel patch or
simply get Route's SPLIT GID patch from Phrack 52's article on securing
the Linux kernel (Route's SPLIT GID patch is in mine). You could set your
nmap up as SGID group 16 owned by nobody. The SPLIT GID patch allows
anyone in group 16 to do raw socket stuff. See http://www.phrack.com/ and
get p52 file 06 or check out http://www.nmrc.org/nmrcOS/

    Simple Nomad    //  "When viewed as a metaphor for the human
 thegnome () nmrc org  //    condition, the humble GNU C compiler
    www.nmrc.org    //         becomes an endless enigma."

Current thread:

Re: nmap..... via web, (continued)
- - Re: nmap..... via web MadHat (Feb 18)
    - Re: nmap..... via web Andrew Brown (Feb 18)
    - Re: nmap..... via web ajax (Feb 18)
    - Re: nmap..... via web Fyodor (Feb 19)
    - Re: nmap..... via web ajax (Feb 19)
    - Re: nmap..... via web David G. Andersen (Feb 19)
    - Re: nmap..... via web Lamont Granquist (Feb 19)
    - Re: nmap..... via web Fyodor (Feb 19)
    - Re: nmap..... via web Lars Marowsky-Bree (Feb 19)
    - Re: nmap..... via web ajax (Feb 19)
    - Re: nmap..... via web Simple Nomad (Feb 19)
    - Re: nmap..... via web HD Moore (Feb 19)
    - Re: nmap..... via web ajax (Feb 18)
  - Re: nmap..... via web CyberPsychotic (Feb 18)