Nmap Development mailing list archives
Re: [PATCH] Experimental SCTP scan support
From: doug () hcsw org
Date: Mon, 5 Jan 2009 05:21:38 +0000
On Sun, Jan 04, 2009 at 07:49:18PM -0800 or thereabouts, Fyodor wrote:
Sounds like a great feature! Anyone want to make a patch so that Nmap always uses this when available? It would be good for security, and may help us identify bugs which might otherwise go unnoticed (as we saw in this case). Ideally it would cover PCRE and OpenSSL too.
I would except that I'm not familiar enough with autoconf. You just need to add -D_FORTIFY_SOURCE=2 to the gcc command lines. I think most people probably use a pre-compiled SSL and IIRC systems like oBSD ports use a pre-compiled PCRE too so nmap might not always be able to fortify those.
o Can't have a significant performance penalty (I don't think it would, but it is worth a few test scans to make sure).
I'm pretty sure the performance impact especially for a program like nmap that doesn't use many string functions in its inner loops will be minimal. Doug
Attachment:
_bin
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] Experimental SCTP scan support Daniel Roethlisberger (Jan 02)
- Re: [PATCH] Experimental SCTP scan support Daniel Roethlisberger (Jan 02)
- Re: [PATCH] Experimental SCTP scan support Kris Katterjohn (Jan 02)
- Re: [PATCH] Experimental SCTP scan support Kris Katterjohn (Jan 03)
- Re: [PATCH] Experimental SCTP scan support doug (Jan 03)
- Re: [PATCH] Experimental SCTP scan support Daniel Roethlisberger (Jan 03)
- Re: [PATCH] Experimental SCTP scan support Fyodor (Jan 04)
- Re: [PATCH] Experimental SCTP scan support doug (Jan 04)
- _FORTIFY_SOURCE=2 David Fifield (Jan 22)
- Re: _FORTIFY_SOURCE=2 David Fifield (Feb 14)
- Re: [PATCH] Experimental SCTP scan support doug (Jan 03)
- Re: [PATCH] Experimental SCTP scan support Daniel Roethlisberger (Jan 03)
- Re: [PATCH] Experimental SCTP scan support Kris Katterjohn (Jan 03)
- Re: [PATCH] Experimental SCTP scan support Daniel Roethlisberger (Jan 03)
- Re: [PATCH] Experimental SCTP scan support Daniel Roethlisberger (Jan 03)
- Re: [PATCH] Experimental SCTP scan support Daniel Roethlisberger (Jan 03)
- Re: [PATCH] Experimental SCTP scan support pUm (Jan 04)
- Re: [PATCH] Experimental SCTP scan support Daniel Roethlisberger (Jan 04)