Nmap Development mailing list archives
Re: Query Related to NMap v5.0
From: Fyodor <fyodor () insecure org>
Date: Mon, 24 Aug 2009 02:59:34 -0700
On Mon, Aug 24, 2009 at 11:35:30AM +0200, kx wrote:
I only have Windows XP SP3, so I can't play more, but this article should help: TCP/IP Raw Sockets http://msdn.microsoft.com/en-us/library/ms740548%28VS.85%29.aspx
Thanks for the link. The results don't look good: On Windows 7, Windows Server 2008 R2, Windows Vista, and Windows XP with Service Pack 2 (SP2), the ability to send traffic over raw sockets has been restricted in several ways: * TCP data cannot be sent over raw sockets. * UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address). * A call to the bind function with a raw socket is not allowed. These above restrictions do not apply to Windows Server 2008 , Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2. I'm not a Windows fan, but it is still frustrating to see them cripple their own platform like that. They basically left just enough functionality to keep ping.exe and tracert.exe working, and broke everything else. Of course Nmap also has tcp connect() port scanning, but MS intentionally crippled the connect call as well :/. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Query Related to NMap v5.0 Prasad Kamath (Aug 20)
- Re: Query Related to NMap v5.0 David Fifield (Aug 23)
- Re: Query Related to NMap v5.0 Fyodor (Aug 23)
- Re: Query Related to NMap v5.0 kx (Aug 24)
- Re: Query Related to NMap v5.0 Fyodor (Aug 24)
- Re: Query Related to NMap v5.0 Fyodor (Aug 23)
- Re: Query Related to NMap v5.0 David Fifield (Aug 23)