Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Nping 0.1BETA2 Released

From: Dirk Loss <lists () dirk-loss de>
Date: Sun, 23 Aug 2009 20:10:26 +0200
Hi Luis,

Luis M. wrote:

Dirk Loss wrote:

Why does --udp automatically decide when to use raw sockets and --tcp
does not? To put it another way: Why do we need --tcp-connect if we do
not need --udp-sendto?

[...]

I think we may need to change the behaviour so it's consistent in all
cases. What about:

 - User is unprivileged and did not supply mode:  --> Use TCP-Connect
 - User is unprivileged and supplied --tcp --> Use TCP-Connect
 - User is unprivileged and supplied --upd --> User UDP unprivileged
 - User is root and did not supply mode --> Use ICMP Echo
 - User is root and supplied --tcp --> Use raw sockets TCP
 - User is root and supplied --udp --> User raw sockets UDP
 - User is root and wants to use TCP-Connect --> User needs to either
pass --tcp-connect or --unprivileged
 - User is root and want unprivileged UDP --> User needs to pass
--unprivileged or --udp-XXXXX (any suggestions?. --udp-sendto() may not
be the best idea because when we use raw sockets we also use sendto() to
transmit the data).


Great, that is exactly what I was after.
Moreover, I wonder if the --tcp-connect or --udp-XXXXX commandline options are really needed. Removing them might simplify the user interface. Would it be sufficient just to have the --unprivileged option and let Nping automatically switch to --tcp-connect (or --udp-XXXXX respectively)? It seems the user has to expect some automatic mode switching anyway, as can be seen from the other cases above. Or is there any use case where someone wants to avoid specifiying --unprivileged but nevertheless insist on --tcp-connect mode?
Anyway, I would appreciate an info message that clarifies which mode Nping is actually using -- especially because Nping may have decided automatically about the mode and because the amount of data available for output will be much less in --unprivileged mode. 

Regards
Dirk

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: