Nmap Development mailing list archives
Re: GSoC'10
From: Fyodor <fyodor () insecure org>
Date: Sat, 3 Apr 2010 17:56:15 -0700
On Sat, Mar 27, 2010 at 08:49:14AM -0400, Walt Scrivens wrote:
Just based on observations of Apple's behavior, I would have to say that they would never approve nmap for the iPhone. I hope I'm wrong, but they seem to avoid anything that might disclose any network information. Some time ago, I was helping Pavel Ahafonau (http://www.paully.com) to debug his network utilities which Apple has allowed, but they are very limited in their capability compared to nmap. That leaves only jailbreak as your option.
This is an important concern to raise, and also a key reason I own an N900 rather than an iPhone, but I don't think we need to dismiss the idea of Nmap in the iPhone App Store. At least not without strong evidence that Apple really would ban it. After all, some similar apps are available. For example: NetDetective by Three Jacks Software "In addition to essential tools for the networking professional (including Trace Route, WhoIs, and Ping) NetDetective gives users the ability to audit intranet connectivity. Using low level techniques common to NMap and other powerful network auditing tools, NetDetective will expose open TCP ports, UDP ports, and UPnP/Bonjour services running anywhere on your network." http://itunes.apple.com/us/app/netdetective/id362243292 I imagine that we might have to compile without NSE, as I'm guessing that being able to execute arbitrary scripts would break Apple's "security model". And I'm skeptical about whether we'd be able to get raw packet scans/sniffing, so it might have to work the way Nmap does when you don't have root access (e.g. connect scans). Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: GSoC'10 Fyodor (Apr 03)
- Re: GSoC'10 Michael Pattrick (Apr 03)