Nmap Development mailing list archives

Re: Gsoc 2011 idea about IPv6


From: Rob Nicholls <robert () robnicholls co uk>
Date: Thu, 24 Mar 2011 17:19:22 +0000

On Thu, 24 Mar 2011 09:06:56 -0700, David Fifield wrote:
> Windows doesn't support raw sockets at all

I don't think that's entirely true. Server 2003 has apparently always been unaffected:

http://seclists.org/nmap-hackers/2005/4

This web page from Microsoft suggests it's also still possible on Windows 2008 and 2008 R2:

http://msdn.microsoft.com/en-us/library/ms740548(v=vs.85).aspx

Limitations on Raw Sockets

On Windows 7, Windows Vista, Windows XP with Service Pack 2 (SP2), and Windows XP with Service Pack 3 (SP3), the ability to send traffic over raw sockets has been restricted in several ways:

- TCP data cannot be sent over raw sockets.
- UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
- A call to the bind function with a raw socket for the IPPROTO_TCP protocol is not allowed.

Note The bind function with a raw socket is allowed for other protocols (IPPROTO_IP, IPPROTO_UDP, or IPPROTO_SCTP, for example).

These above restrictions do not apply to Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2.


I suspect the majority of Nmap users aren't using Windows Server; but some of us have access to Windows Server variants to perform port scans/penetration tests. It's probably not going to be a high priority on the todo list though.

Rob

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

