Nmap Development mailing list archives
Gsoc
From: Daniel Sarmiento <dsarmientos () gmail com>
Date: Tue, 12 Mar 2013 16:03:18 -0400
Hello I would like to know if nmap will be applying for Google Summer of Code this year. Thanks, Daniel On Mar 12, 2013 2:00 PM, <dev-request () nmap org> wrote:
Send dev mailing list submissions to dev () nmap org To subscribe or unsubscribe via the World Wide Web, visit http://nmap.org/mailman/listinfo/dev or, via email, send a message with subject or body 'help' to dev-request () nmap org You can reach the person managing the list at dev-owner () nmap org When replying, please edit your Subject line so it is more specific than "Re: Contents of dev digest..." Today's Topics: 1. Re: Nmap under OpenVZ venet? (NStorm) 2. New VA Modules: OpenVAS: 35, Nessus: 17 (New VA Module Alert Service) ---------------------------------------------------------------------- Message: 1 Date: Tue, 12 Mar 2013 08:55:30 +0400 From: NStorm <nstorm0.0 () privatdemail net> To: dev () nmap org Subject: Re: Nmap under OpenVZ venet? Message-ID: <201303120855.30821.nstorm0.0 () privatdemail net> Content-Type: Text/Plain; charset="iso-8859-1" On Thursday 07 March 2013 14:54:06 David Fifield wrote:On Wed, Mar 06, 2013 at 09:11:55AM +0400, NStorm wrote:Long version: I've read a bits regarding the issues with venet devices on listarchives(http://seclists.org/nmap-dev/2012/q2/808). Seems like there is no solution yet. I've tried this myself and got interesting results. Seems like if I run it from normal user it works fine: $ nmap -A -v host.domain Starting Nmap 6.25 ( http://nmap.org ) at 2013-03-06 07:28 MSK NSE: Loaded 106 scripts for scanning. NSE: Script Pre-scanning. Initiating Ping Scan at 07:28 Scanning host.domain (X.X.X.X) [2 ports] Completed Ping Scan at 07:28, 1.36s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 07:28 Completed Parallel DNS resolution of 1 host. at 07:28, 0.05s elapsed Initiating Connect Scan at 07:28 Scanning host.domain (X.X.X.X) [1000 ports] Discovered open port 53/tcp on ... And scan completes as normal. But if I try to run the same thing, from same host just under root priveledges (either from sudo or directly from shell) it seems to go weird: Initiating ARP Ping Scan at 07:27 Scanning host.domain (X.X.X.X) [1 port] Completed ARP Ping Scan at 07:27, 0.42s elapsed (1 total hosts) Nmap scan report for host.domain (X.X.X.X) [host down]Can you send me your nmap --route-dst X.X.X.X nmap --iflist (As root.) David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/Its really not related to the setup I guess, because I've tested that on 4 different hosts. Be it rented VPS from a provider with real Internet IP on venet0 or my own container behind a private network. Here is the list from my private container: # nmap --iflist Starting Nmap 6.25 ( http://nmap.org ) at 2013-03-12 08:50 MSK ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MTU MAC lo (lo) 127.0.0.1/8 loopback up 16436 lo (lo) ::1/128 loopback up 16436 venet0 (venet0) 127.0.0.1/32 ethernet up 1500 00:00:00:00:00:00 venet0 (venet0) 192.168.9.50/32 ethernet up 1500 00:00:00:00:00:00 **************************ROUTES************************** DST/MASK DEV GATEWAY 169.254.0.0/16 venet0 0.0.0.0/0 venet0 ::1/128 lo # nmap --route-dst 8.8.8.8 Starting Nmap 6.25 ( http://nmap.org ) at 2013-03-12 08:50 MSK 8.8.8.8 venet0 venet0 srcaddr 192.168.9.50 direct WARNING: No targets were specified, so 0 hosts scanned. Nmap done: 0 IP addresses (0 hosts up) scanned in 0.03 seconds # ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=49 time=83.9 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=49 time=83.5 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=49 time=83.4 ms ^C --- 8.8.8.8 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2135ms rtt min/avg/max/mdev = 83.425/83.618/83.919/0.397 ms # traceroute 8.8.8.8 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 my-host-node (192.168.9.233) 0.028 ms 0.011 ms 0.009 ms 2 my-internet-gw (X.X.X.X) 1.704 ms 1.708 ms 1.700 ms ... ------------------------------ Message: 2 Date: Tue, 12 Mar 2013 10:02:29 -0700 (PDT) From: New VA Module Alert Service <postmaster () insecure org> To: nmap-dev () insecure org Subject: New VA Modules: OpenVAS: 35, Nessus: 17 Message-ID: <20130312170229.5DD67B2137 () web insecure org> Content-Type: text/plain; charset="utf-8" This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == OpenVAS plugins (35) == r15671 870962 2013/gb_RHSA-2013_0614-01_xulrunner.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0614-01_xulrunner.nasl?root=openvas&view=markup RedHat Update for xulrunner RHSA-2013:0614-01 r15671 865442 2013/gb_fedora_2013_1286_python-tw2-jquery_fc17.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_1286_python-tw2-jquery_fc17.nasl?root=openvas&view=markup Fedora Update for python-tw2-jquery FEDORA-2013-1286 r15671 870953 2013/gb_RHSA-2013_0609-01_qemu-kvm.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0609-01_qemu-kvm.nasl?root=openvas&view=markup RedHat Update for qemu-kvm RHSA-2013:0609-01 r15671 865444 2013/gb_fedora_2013_1277_python-tw2-jquery_fc18.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_1277_python-tw2-jquery_fc18.nasl?root=openvas&view=markup Fedora Update for python-tw2-jquery FEDORA-2013-1277 r15671 870955 2013/gb_RHSA-2013_0599-01_xen.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0599-01_xen.nasl?root=openvas&view=markup RedHat Update for xen RHSA-2013:0599-01 r15671 870950 2013/gb_RHSA-2013_0604-01_java-1.6.0-openjdk.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0604-01_java-1.6.0-openjdk.nasl?root=openvas&view=markup RedHat Update for java-1.6.0-openjdk RHSA-2013:0604-01 r15671 870956 2013/gb_RHSA-2013_0603-01_java-1.7.0-openjdk.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0603-01_java-1.7.0-openjdk.nasl?root=openvas&view=markup RedHat Update for java-1.7.0-openjdk RHSA-2013:0603-01 r15671 865430 2013/gb_fedora_2013_3052_rubygem-json_fc18.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3052_rubygem-json_fc18.nasl?root=openvas&view=markup Fedora Update for rubygem-json FEDORA-2013-3052 r15671 865439 2013/gb_fedora_2013_3253_crypto-utils_fc18.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3253_crypto-utils_fc18.nasl?root=openvas&view=markup Fedora Update for crypto-utils FEDORA-2013-3253 r15671 865443 2013/gb_fedora_2013_3630_kernel_fc18.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3630_kernel_fc18.nasl?root=openvas&view=markup Fedora Update for kernel FEDORA-2013-3630 r15671 870958 2013/gb_RHSA-2013_0623-01_tomcat6.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0623-01_tomcat6.nasl?root=openvas&view=markup RedHat Update for tomcat6 RHSA-2013:0623-01 r15671 865433 2013/gb_fedora_2013_2862_drupal7_fc18.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_2862_drupal7_fc18.nasl?root=openvas&view=markup Fedora Update for drupal7 FEDORA-2013-2862 r15671 865431 2013/gb_fedora_2013_2872_drupal7_fc17.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_2872_drupal7_fc17.nasl?root=openvas&view=markup Fedora Update for drupal7 FEDORA-2013-2872 r15671 870954 2013/gb_RHSA-2013_0611-01_ruby.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0611-01_ruby.nasl?root=openvas&view=markup RedHat Update for ruby RHSA-2013:0611-01 r15671 865440 2013/gb_fedora_2012_20092_libproxy_fc17.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2012_20092_libproxy_fc17.nasl?root=openvas&view=markup Fedora Update for libproxy FEDORA-2012-20092 r15671 841352 2013/gb_ubuntu_USN_1755_2.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_ubuntu_USN_1755_2.nasl?root=openvas&view=markup Ubuntu Update for openjdk-7 USN-1755-2 r15671 841351 2013/gb_ubuntu_USN_1756_1.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_ubuntu_USN_1756_1.nasl?root=openvas&view=markup Ubuntu Update for linux USN-1756-1 r15671 841354 2013/gb_ubuntu_USN_1758_1.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_ubuntu_USN_1758_1.nasl?root=openvas&view=markup Ubuntu Update for firefox USN-1758-1 r15671 865429 2013/gb_fedora_2013_3032_gksu-polkit_fc18.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3032_gksu-polkit_fc18.nasl?root=openvas&view=markup Fedora Update for gksu-polkit FEDORA-2013-3032 r15671 870960 2013/gb_RHSA-2013_0628-01_389-ds-base.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0628-01_389-ds-base.nasl?root=openvas&view=markup RedHat Update for 389-ds-base RHSA-2013:0628-01 r15671 865436 2013/gb_fedora_2013_3050_rubygem-json_fc17.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3050_rubygem-json_fc17.nasl?root=openvas&view=markup Fedora Update for rubygem-json FEDORA-2013-3050 r15671 870949 2013/gb_RHSA-2013_0602-01_java-1.7.0-openjdk.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0602-01_java-1.7.0-openjdk.nasl?root=openvas&view=markup RedHat Update for java-1.7.0-openjdk RHSA-2013:0602-01 r15671 870957 2013/gb_RHSA-2013_0605-01_java-1.6.0-openjdk.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0605-01_java-1.6.0-openjdk.nasl?root=openvas&view=markup RedHat Update for java-1.6.0-openjdk RHSA-2013:0605-01 r15671 865432 2013/gb_fedora_2013_3467_java-1.7.0-openjdk_fc17.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3467_java-1.7.0-openjdk_fc17.nasl?root=openvas&view=markup Fedora Update for java-1.7.0-openjdk FEDORA-2013-3467 r15671 865435 2013/gb_fedora_2013_3038_ruby_fc17.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3038_ruby_fc17.nasl?root=openvas&view=markup Fedora Update for ruby FEDORA-2013-3038 r15671 865438 2013/gb_fedora_2013_3037_ruby_fc18.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3037_ruby_fc18.nasl?root=openvas&view=markup Fedora Update for ruby FEDORA-2013-3037 r15671 865441 2013/gb_fedora_2013_3259_crypto-utils_fc17.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_3259_crypto-utils_fc17.nasl?root=openvas&view=markup Fedora Update for crypto-utils FEDORA-2013-3259 r15671 870959 2013/gb_RHSA-2013_0621-01_kernel.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0621-01_kernel.nasl?root=openvas&view=markup RedHat Update for kernel RHSA-2013:0621-01 r15671 865437 2013/gb_fedora_2013_2892_gnutls_fc18.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_2892_gnutls_fc18.nasl?root=openvas&view=markup Fedora Update for gnutls FEDORA-2013-2892 r15671 870961 2013/gb_RHSA-2013_0627-01_thunderbird.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0627-01_thunderbird.nasl?root=openvas&view=markup RedHat Update for thunderbird RHSA-2013:0627-01 r15671 870951 2013/gb_RHSA-2013_0612-01_ruby.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0612-01_ruby.nasl?root=openvas&view=markup RedHat Update for ruby RHSA-2013:0612-01 r15671 841350 2013/gb_ubuntu_USN_1755_1.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_ubuntu_USN_1755_1.nasl?root=openvas&view=markup Ubuntu Update for openjdk-6 USN-1755-1 r15671 841353 2013/gb_ubuntu_USN_1757_1.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_ubuntu_USN_1757_1.nasl?root=openvas&view=markup Ubuntu Update for python-django USN-1757-1 r15671 865434 2013/gb_fedora_2013_2793_openssl_fc17.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_fedora_2013_2793_openssl_fc17.nasl?root=openvas&view=markup Fedora Update for openssl FEDORA-2013-2793 r15671 870952 2013/gb_RHSA-2013_0594-01_kernel.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_RHSA-2013_0594-01_kernel.nasl?root=openvas&view=markup RedHat Update for kernel RHSA-2013:0594-01 == Nessus plugins (17) == 65208 solaris10_148888.nasl http://nessus.org/plugins/index.php?view=single&id=65208 Solaris 10 (sparc) : 148888-01 65207 redhat-RHSA-2013-0629.nasl http://nessus.org/plugins/index.php?view=single&id=65207 RHEL 4 / 5 / 6 : jbossweb (RHSA-2013-0629) 65206 redhat-RHSA-2013-0628.nasl http://nessus.org/plugins/index.php?view=single&id=65206 RHEL 6 : 389-ds-base (RHSA-2013-0628) 65205 redhat-RHSA-2013-0627.nasl http://nessus.org/plugins/index.php?view=single&id=65205 RHEL 5 / 6 : thunderbird (RHSA-2013-0627) 65204 redhat-RHSA-2013-0626.nasl http://nessus.org/plugins/index.php?view=single&id=65204 RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2013-0626) 65203 redhat-RHSA-2013-0625.nasl http://nessus.org/plugins/index.php?view=single&id=65203 RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2013-0625) 65202 redhat-RHSA-2013-0624.nasl http://nessus.org/plugins/index.php?view=single&id=65202 RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2013-0624) 65201 redhat-RHSA-2013-0623.nasl http://nessus.org/plugins/index.php?view=single&id=65201 RHEL 6 : tomcat6 (RHSA-2013-0623) 65200 redhat-RHSA-2013-0621.nasl http://nessus.org/plugins/index.php?view=single&id=65200 RHEL 5 : kernel (RHSA-2013-0621) 65199 freebsd_pkg_68c1f75b882411e29996c48508086173.nasl http://nessus.org/plugins/index.php?view=single&id=65199 FreeBSD : perl -- denial of service via algorithmic complexity attack on hashing routines (68c1f75b-8824-11e2-9996-c48508086173) 65198 ircd_shadowircd_capab_dos.nasl http://nessus.org/plugins/index.php?view=single&id=65198 ShadowIRCd m_capab.c Denial of Service 65197 ircd_ratbox_capab_dos.nasl http://nessus.org/plugins/index.php?view=single&id=65197 ircd-ratbox m_capab.c Denial of Service 65196 ircd_charybdis_capab_dos.nasl http://nessus.org/plugins/index.php?view=single&id=65196 Charybdis IRCd m_capab.c Denial of Service 65192 mozilla_thunderbird_1704_esr.nasl http://nessus.org/plugins/index.php?view=single&id=65192 Mozilla Thunderbird ESR 17.x < 17.0.4 nsHTMLEditor Use-After-Free 65191 mozilla_thunderbird_1704.nasl http://nessus.org/plugins/index.php?view=single&id=65191 Mozilla Thunderbird 17.x < 17.0.4 nsHTMLEditor Use-After-Free 65190 macosx_thunderbird_17_0_4_esr.nasl http://nessus.org/plugins/index.php?view=single&id=65190 Thunderbird ESR 17.x < 17.0.4 nsHTMLEditor Use-After-Free (Mac OS X) 65189 macosx_thunderbird_17_0_4.nasl http://nessus.org/plugins/index.php?view=single&id=65189 Thunderbird 17.x < 17.0.4 nsHTMLEditor Use-After-Free (Mac OS X) ------------------------------ Subject: Digest Footer _______________________________________________ dev mailing list dev () nmap org http://nmap.org/mailman/listinfo/dev ------------------------------ End of dev Digest, Vol 96, Issue 22 ***********************************
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Gsoc Daniel Sarmiento (Mar 12)
- Re: Gsoc Fyodor (Mar 17)