Re: Nping 0.1BETA2 Released

[Fyodor <fyodor () insecure org>]

On Sun, Aug 23, 2009 at 01:28:56PM +0100, Luis M. wrote:
> I think we may need to change the behaviour so it's consistent in all
> cases. What about:
>
>  - User is unprivileged and did not supply mode:  --> Use TCP-Connect
>  - User is unprivileged and supplied --tcp --> Use TCP-Connect
>  - User is unprivileged and supplied --upd --> User UDP unprivileged
>  - User is root and did not supply mode --> Use ICMP Echo
>  - User is root and supplied --tcp --> Use raw sockets TCP
>  - User is root and supplied --udp --> User raw sockets UDP
>  - User is root and wants to use TCP-Connect --> User needs to either
> pass --tcp-connect or --unprivileged

This sounds good to me, and is strikingly similar to Nmap's host
discovery defaults (yay consistency!)

>  - User is root and want unprivileged UDP --> User needs to pass
> --unprivileged or --udp-XXXXX (any suggestions?. --udp-sendto() may not
> be the best idea because when we use raw sockets we also use sendto() to
> transmit the data).

I think either way is reasonable: either adding a special option now,
or letting people use --unprivileged for now and adding the special
--udp-whatever option if we see demand from users for it.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org