Re: nmapwin Scan 10.10.10.* after you install it and start the service.

[Fyodor <fyodor () insecure org>]

On Sat, Jul 27, 2002 at 09:37:06AM -0400, ADONIS SAWAN (vllmeqtd) wrote:
> But after I installed and started the service I was pissed to see the
> scanner start scanning 10.10.10.* WITHOUT I tell it to do so.

I would be disturbed by that too.  But in this case I am pretty sure
it is a bug (really stupid default) and not anything malicious.  I
forwarded the Author (jens.vogt () bluewin ch) a report about this last
week, and his response (appended) says that it will be fixed in the
next version.

I have also forwarded Jens your advisory so that he can respond to
vuln-dev as appropriate.

Note that NmapWin does seem to be a pretty good Nmap UI for Windows.
It is currently a completely separate project, but it may become the
"official" recommended Nmap Windows GUI.  Of course, I'll be very
careful that issues like this are resolved before moving in that
direction.

> I do not know yet if nmapwin creator do send the scan result out. I have
> to dis-assemble it when I have time (hopefully next week).

Note that the source and CVS tree are in sourceforge.  You may wish to
examine these before going through too much dissassembly trouble.

Cheers,
Fyodor
http://www.insecure.org/

----- Forwarded message from jens.vogt () bluewin ch -----

Date: Thu, 25 Jul 2002 23:46:47 +0000
X-Mailer: Bluewin WebMail / BlueMail
X-Originating-IP: 172.21.1.216
From: jens.vogt () bluewin ch
To: mscox () ti com
Cc: "Fyodor" <fyodor () insecure org>
Subject: RE: [mscox () ti com: nmapwin scheduled to scan 10.10.10.0/24
out of the box]

Hi Michael...

this is a bug.... It will be fixed in 1.2.13 ( which come out in the
next days ). 1.2.13 will have a flag (called autostart) which will
determine whether the scan should be started at the selected
dates/times or not. If the check box is not selected, the scan has to
be started manually (via the service page of nmapwin). Per default
(after the installation, the flag will be set to 'false' -> no scan
will be started at service start).

Best regards
Jens

> -- Original Message --
> Date: Mon, 22 Jul 2002 11:14:25 -0700
> From: Fyodor <fyodor () insecure org>
> To: jens.vogt () bluewin ch
> Subject: [mscox () ti com: nmapwin scheduled to scan 10.10.10.0/24 out
> of
the
> box]
>
>
> Just forwarding along a bug report that was accidently sent to the
> list rather than you.
>
> -F
>
> ----- Forwarded message from "Cox, Michael" <mscox () ti com> -----
>
> Date: Mon, 22 Jul 2002 12:14:30 -0500
> X-Mailer: Internet Mail Service (5.5.2653.19)
> From: "Cox, Michael" <mscox () ti com>
> To: nmap-hackers () insecure org
> Subject: nmapwin scheduled to scan 10.10.10.0/24 out of the box
>
> FYI, if you are using nmapwin version 1.2.11 (I can't speak for other
> builds) it looks like it got built with the config set to
> automatically
scan
> 10.10.10.0/24 every day. This might cause some "issues" if your
> network
is
> routing that space and you aren't supposed to be scanning it :-)
>
> Looks like someone posted this same issue to sourceforge on Friday:
> http://sourceforge.net/tracker/index.php?func=detail&aid=583950&group_id=536
> 39&atid=471057
>
> ----- End forwarded message -----