Nmap Development mailing list archives
RE: registry patch for vista to enable regular user's to use nmap via changing npf start to 2 instead of 3
From: "Rob Nicholls" <robert () everythingeverything co uk>
Date: Mon, 10 Dec 2007 21:04:42 -0000
I only spotted Sina's message on the RSS feed, not sure if it'll turn up in my inbox later or if one of my spam filters didn't like the attached .reg file and it's ended up somewhere else for me to find when I've got a spare moment... Changing the key to 2 would - I think - only make it work after a reboot, I don't recall being asked to reboot after installing WinPcap separately (and I'm assuming the nmap version of the installer doesn't either, I don't think I've tried it since something like 4.22 *blush*). The setup file is definitely going to run elevated, so you could probably get away with the installer (for Vista users - or perhaps any 6.x users seeing as Windows 2008 will be out shortly?) setting the key to 2 AND using the installer to load the WinPcap driver so it's ready straight away. I suppose the other question is do we want to check if UAC is enabled/disabled when nmap is installed and only set it to 2 if UAC is enabled? Or can we present users with a choice of options, with 2 as the default selection? Also, is there a way we can get nmap to detect and tell Windows users that it failed to load WinPcap rather than the current (and not particularly helpful to new users) error message about it failing to open the device? I think all of my suggestions in this paragraph should wait until after the stable release ;) It might be worth putting Sina's .reg file into the zip, seeing as it's a tiny file, so that Vista users that prefer the zip can run the file if they want to. If that happens, it'd be nice if someone could update the instructions at: http://insecure.org/nmap/install/inst-windows.html#inst-win-zip with a new bullet point between 4 and 5 (seeing as it relates to WinPcap, it should come after 4) saying something like: "If you want to run Nmap with an account that does not have Administrator privileges, or you have User Account Control (UAC) enabled on Windows Vista, apply the Registry changes in the xxxxxxxxxxx.reg file. This enables WinPcap to load automatically when Windows starts, which allows Nmap to be run by any user." Replacing xxxxxxxxxxx.reg with whatever filename you decide to go with (I prefer the term Standard to Regular, as it re-uses Vista's terminology, but I'd also like the filename to reflect that we're editing a WinPcap setting). Rob --- From: Sina Bahram <sbahram_at_nc.rr.com> Date: Mon, 10 Dec 2007 10:12:01 -0500 Hi all, Sorry for the insanely long subject; however, I figured that preventing folks from needing to use regedit and all that would be nice for the final release, so I've attached a .reg file which simply achieves this task. It sets the appropriate start attribute of npf to 2 instead of 3. This should then allow regular users to use nmap without requiring them to start an elevated cmd session. Can we include this in the final release as a helper script? Take care, Sina _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- registry patch for vista to enable regular user's to use nmap via changing npf start to 2 instead of 3 Sina Bahram (Dec 10)
- <Possible follow-ups>
- RE: registry patch for vista to enable regular user's to use nmap via changing npf start to 2 instead of 3 Rob Nicholls (Dec 10)