Nmap Announce mailing list archives

Previous By Date Next
Previous By Thread Next

nmap front end feedback

From: Alvin Oga <alvin.sec () Mail Linux-Consulting com>
Date: Sun, 24 Jun 2001 14:41:54 -0700 (PDT)

hi nmap-experts

thank you for the 1000's of feedback scans that you
all did.... ( geez what a response )...
        - added some additional "throw away characters" in the "hostname"
        (  % and - )

- my motivation for the frontend...
        - i got tired of looking at the nmap man pages 
        each time i wanted to scan one of my new hosts/clients etc..

        it also helps some ( me included ) to tighten up their boxes
        and turn things off that was supposed to have been off ...

        - and needed to give them managers a nice look-n-feel
        ( nice is all relative of course..

anyway, yes, i concur that allowing people sorta anonymous
nmap scans of other hosts is bad ...
        - i equally hate "login required" before scanning
                ( maybe add the ip# field for those that do login ??
                ( but does NOT solve the problem of scanning
                ( [cr/h]ackers can login too

        - its trivial to disallow entering the ip#
        ( problem was the static webpage nmap.test.html to initialize
        ( the nmap scan vs running the script to begin with
        (
        ( http://.../cgi-bin/nmap_check.pl?IP=1.2.3.4  was/is missing
        ( the first time thru .. thats why i picked "localhost" to start

        - its trivial to also disallow too many scans from a person

        - we can also disallow the hackers/crackers ip in the
        httpd.conf files ??

        - if it gets to be too much of an admin issue...
        ( the input field will disappear ...

- the script can also be run manually from the command line...
  though i haven't check it lately

- if the hacker/abuser wants to scan their potential target host
  they can already run nmap anyway ?? and probably have
  many staging machines ???

- if the legit user does not have lynx or netscape on the target
  host ... it makes it harder to scan and check that host ...
        so i liked the idea of entering an ip# ...

- as for duplicating the script etc for your own network ...
  you'd need the following...
        - perl and nmap
        - sudo  ( took me a while to figure it out - the fun part )

        - php or equivalent...
        ( since i dont know php... i use my own whacky dynamic webpage
          generator ( gwif )

        - i can tar up the files for you to download and install etc
        but there is NO support for "howto" change the gwif files

        - if you see a   *.gwif.html file on this site ... the "real
          webpage" is the *.gwif .... the html version is generated by
          the gwif binary ...

        ( gopher-web-intermediate-file ..... gopher was 100x bigger in
          those days

thanx again for your feedbacks ... hope it helped some of you
alvin
http://www.Linux-Sec.net/Audit/nmap.test.html


--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Previous By Date Next
Previous By Thread Next

Current thread: