Nmap Development mailing list archives
New Snowden leak: British spy agency has secret program to enhance Nmap for stealthier scanning through Tor
From: Fyodor <fyodor () nmap org>
Date: Mon, 14 Jul 2014 17:00:35 -0700
Hi folks. You may have heard of the new Snowden leak of secret British spy agency (GCHQ) catalog of various software tools and exploits used for counter-terrorism and other intelligence purposes. Interestingly, one of the tools--Silver Specter--allows "batch Nmap scanning over Tor". It is listed as "In Development" by the Joint Threat Research Intelligence Group (JTRIG).

Of course newer versions of Nmap already have partial proxy scanning support, which can be used to scan through Tor when used alongside tools such as proxychains and tortunnel. Multiple Internet tutorials provide detailed instructions for this.

Still, if the GCHQ makes any improvements in this regard, it'd be nice if they'd contribute them back to the community by sending to the Nmap dev list. Of course that's not likely for a secret program with its own code word, but fortunately we're doing just fine without their help. In particular, Henri Doreau's --proxies option already allows chaining of multiple SOCKS4 and CONNECT proxies for version detection and NSE script scanning. And native port scanning through proxies (including Tor) may be available in the very next Nmap release, thanks in part to Jacek Wielemborek's current Summer of Code work.

From Hollywood to secretive spy agencies, you never know where Nmap will pop up! Here are some relevant links:

The secret GCHQ catalog itself:
https://firstlook.org/theintercept/document/2014/07/14/jtrig-tools-techniques/

Bruce Schneier commentary:
https://www.schneier.com/blog/archives/2014/07/gchq_catalog_of.html

Glenn Greenwald commentary:
https://firstlook.org/theintercept/2014/07/14/manipulating-online-polls-ways-british-spies-seek-control-internet/

Guardian article:
http://www.theguardian.com/uk-news/2014/jul/14/gchq-tools-manipulate-online-information-leak

3rd Party Tutorial on using Nmap through Tor:
http://www.aldeid.com/wiki/Tor/Usage/Nmap-scan-through-tor

Cheers,
Fyodor
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/