Windows XP SP2 incompatible with Nmap

[Fyodor <fyodor () insecure org>]

This is just a heads-up that most Nmap functionality will not work on
the just-released Microsoft Windows SP2.  Why?  Microsoft apparently
broke it on purpose!  When an Nmap user asked MS why security tools
such as Nmap broke, MS responded[1]:

 "We have removed support for TCP sends over RAW sockets in SP2.
  We surveyed applications and found the only apps using this on XP were
  people writing attack tools."

I don't know why they consider Nmap an "attack tool", particularly
when they recommend it on some of their own pages[2].  Shrug.
Removing SP2 re-enables the functionality and causes Nmap to work
again.  Many problems unrelated to Nmap have been found with SP2 as
well[3], though it does some welcome security improvements for people
stuck on that platform.

I will work on this if I get time, but am currently busy rewriting the
core port scanning engine for the next version of Nmap.  It is much
faster, offers much better multiple-host parallelization, and provides
other long-desired features such as completion time estimates.  If
someone finds a solution to this SP2 problem, please send a patch.  It
may not be too hard, as Nmap supports operating systems such as Win95
that didn't have raw socket support in the first place.

Cheers,
Fyodor

[1] http://seclists.org/lists/nmap-dev/2004/Apr-Jun/0077.html
[2] http://www.microsoft.com/serviceproviders/security/tools.asp
[3] http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=23905071


--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List archive: http://seclists.org