Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

[Fwd: Windows XP SP2 incompatible with Nmap]

From: James Davis <jamesd () jml net>
Date: Wed, 11 Aug 2004 21:30:19 +0100
Thought this might be informative for the members of this list not subscribed to the nmap-hackers mailing list. 

Regards,

James

-------- Original Message --------
Subject: Windows XP SP2 incompatible with Nmap
Date: Wed, 11 Aug 2004 12:31:23 -0700
From: Fyodor <fyodor () insecure org>
To: nmap-hackers () insecure org

This is just a heads-up that most Nmap functionality will not work on
the just-released Microsoft Windows SP2.  Why?  Microsoft apparently
broke it on purpose!  When an Nmap user asked MS why security tools
such as Nmap broke, MS responded[1]:

 "We have removed support for TCP sends over RAW sockets in SP2.
  We surveyed applications and found the only apps using this on XP were
  people writing attack tools."

I don't know why they consider Nmap an "attack tool", particularly
when they recommend it on some of their own pages[2].  Shrug.
Removing SP2 re-enables the functionality and causes Nmap to work
again.  Many problems unrelated to Nmap have been found with SP2 as
well[3], though it does some welcome security improvements for people
stuck on that platform.

I will work on this if I get time, but am currently busy rewriting the
core port scanning engine for the next version of Nmap.  It is much
faster, offers much better multiple-host parallelization, and provides
other long-desired features such as completion time estimates.  If
someone finds a solution to this SP2 problem, please send a patch.  It
may not be too hard, as Nmap supports operating systems such as Win95
that didn't have raw socket support in the first place.

Cheers,
Fyodor

[1] http://seclists.org/lists/nmap-dev/2004/Apr-Jun/0077.html
[2] http://www.microsoft.com/serviceproviders/security/tools.asp
[3] http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=23905071 


--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help () insecure org . List archive: http://seclists.org





--
"As a result of the war, corporations have been enthroned and an era of corruption in high places will follow, and the money power of the country will endeavor to prolong its reign by working upon the prejudices of the people until all wealth is aggregated in a few hands and the Republic is destroyed. I feel at this moment more anxiety for the safety of my country than ever before, even in the midst of war." 
        Abraham Lincoln, 1864
Previous By Date Next
Previous By Thread Next

Current thread: