#288
-------- Original Message --------
Subject: Windows XP SP2 incompatible with Nmap
Date: Wed, 11 Aug 2004 12:31:23 -0700
From: Fyodor <[email protected]>
To: [email protected]
This is just a heads-up that most Nmap functionality will not work on the just-released Microsoft Windows SP2. Why? Microsoft apparently broke it on purpose! When an Nmap user asked MS why security tools such as Nmap broke, MS responded[1]:
"We have removed support for TCP sends over RAW sockets in SP2.
We surveyed applications and found the only apps using this on XP were
people writing attack tools."
I don't know why they consider Nmap an "attack tool", particularly when they recommend it on some of their own pages[2]. Shrug.
Removing SP2 re-enables the functionality and causes Nmap to work again. Many problems unrelated to Nmap have been found with SP2 as well[3], though it does some welcome security improvements for people stuck on that platform.
I will work on this if I get time, but am currently busy rewriting the core port scanning engine for the next version of Nmap. It is much faster, offers much better multiple-host parallelization, and provides other long-desired features such as completion time estimates. If someone finds a solution to this SP2 problem, please send a patch. It may not be too hard, as Nmap supports operating systems such as Win95 that didn't have raw socket support in the first place.
Cheers,
Fyodor
[1] http://seclists.org/lists/nmap-dev/2004/Apr-Jun/0077.html
[2] http://www.microsoft.com/serviceproviders/security/tools.asp
[3]
http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=23905071
-----
erdekes, mire nem jo ez a SP2...
#288