|
|
| Author |
Message |
shazam
|
|
OS for Nmap
| 
Apr 1 15:19 UTC 2000 |
An easy question for the right person- I've downloaded Nmap and I would like
to know if I need to have a lynux operating platform to use it correctly, or
can I just run it on any systm?
|
| 45 responses total. |
scott
|
|
response 1 of 45:
|
Apr 2 02:08 UTC 2000 |
You can't run it here.
|
sj2
|
|
response 2 of 45:
|
Apr 2 07:43 UTC 2000 |
i ran it on linux and i think it should run on any unix system with a
few changes. btw, its a great tool. Oh! And if you are wondering
whether it would run on WinXX, forget it,
|
shazam
|
|
response 3 of 45:
|
Apr 2 12:04 UTC 2000 |
Thankyou Siddhartha Jain,with more research I have learnt that you are reight
nand that it will run on most unix OS.I've ordered the linux operating system,
Red Hat 6.2-CD, and like you said, I have to make a few adjustments to the
current configuration and wallah!!! Well that's theoritically plausible but
in practice I'm sure it won't be so easy,I'll keep in touch. if you want to
contact me, email"gpohle@dot.net.au"
|
janc
|
|
response 4 of 45:
|
Apr 3 03:48 UTC 2000 |
I'm too lazy to type "Nmap" into Google. What is Nmap?
|
atticus
|
|
response 5 of 45:
|
Apr 3 15:11 UTC 2000 |
From nmap homepage (http://www.insecure.org/nmap):
"nmap is a utility for port scanning large networks, although it works
fine for single hosts. The guiding philosophy for the creation of nmap
is TMTOWTDI (There's More Than One Way To Do It). This is the Perl
slogan, but it is equally applicable to scanners. Sometimes you need
speed, other times you may need stealth. In some cases, bypassing
firewalls may be required. Not to mention the fact that you may want to
scan different protocols (UDP, TCP, ICMP, etc.). You just can't do all
this with one scanning mode. And you don't want to have 10 different
scanners around, all with different interfaces and capabilities. Thus I
incorporated virtually every scanning technique I know into nmap."
|
jazz
|
|
response 6 of 45:
|
Apr 3 15:19 UTC 2000 |
Oh, it's a hacking tool.
|
sj2
|
|
response 7 of 45:
|
Apr 3 15:42 UTC 2000 |
Finally, the Jazz spoketh ( whatever is that supposed to mean ). I
think nmap is a great tool especially with that ftp thing it does. I
tried SATAN but it did not work on my system. Right now i am working
with Solaris 7 and i don't have a net connection ( we are waiting for
an ISDN connection ). As and when that happens i will try to "port" it
to Solaris. Btw, could someone enlighten me about the difference in IP
Masq. and Proxying. I read the stuff in ipchains documentation but it
is isn't very comprehensive.
|
jazz
|
|
response 8 of 45:
|
Apr 3 18:59 UTC 2000 |
There are legitimate uses for hacking tools. :) But they're not
generally what they get used for.
|
janc
|
|
response 9 of 45:
|
Apr 4 22:38 UTC 2000 |
Can someone remind me what the legitimate uses for a mass port scanner
are? I keep forgetting? I mean, besides trying it on your own subnet
before someone else does.
|
scg
|
|
response 10 of 45:
|
Apr 4 22:42 UTC 2000 |
I generally use them to make sure I'm not running anything external services
I don't intend to be running, or to make sure my packet filters are doing what
I want them to do. Of course, I suppose that could count as trying it on my
own subnet before somebody else does.
ISPs with policies banning their residential customers from running servers
sometimes run port scanners against their customers' computers. Many of the
cable modem companies, in particular, are rumored to do that.
|
bdh3
|
|
response 11 of 45:
|
Apr 5 00:30 UTC 2000 |
re#9&10: Duh. I also use port scanners to show a customer a 'before' and
'after' snapshot of their network during a firewall install.
|
jazz
|
|
response 12 of 45:
|
Apr 5 20:13 UTC 2000 |
Got it before I could answer.
Portscanners are useful, to show you what your own potential security
risks are, and also to help determine if certian ports are being filtered by
ISPs, when run over a distance against a properly configured target host.
Does anyone, outside of professionals, use portscanners for this
purpose? Probably not many.
|
jmsaul
|
|
response 13 of 45:
|
Apr 5 21:18 UTC 2000 |
But more should. If you're on an xDSL or cable modem connection, you are
the sysadmin of a machine connected to the Net, like it or not.
|
jazz
|
|
response 14 of 45:
|
Apr 6 14:46 UTC 2000 |
It's of dubious use, though, portscanning a network from within the
network. Especially when the network is NATted through a single host IP.
|
jmsaul
|
|
response 15 of 45:
|
Apr 6 15:23 UTC 2000 |
Good point.
|
other
|
|
response 16 of 45:
|
Apr 9 06:35 UTC 2000 |
I wonder if there is a free- or shareware utility I can use for the
Macintosh to determine when and what it is sending via RF to the airport
base station. There isn't even a meter indicating activity for either rx
or tx as there is in the software for the internal modem.
|
scott
|
|
response 17 of 45:
|
Apr 9 13:46 UTC 2000 |
What frequency? Maybe just a fixed receiver (my police scanner goes up to
900 something MHz) so you can listen to the activity.
|
other
|
|
response 18 of 45:
|
Apr 10 02:05 UTC 2000 |
2.4GHz
|
raven
|
|
response 19 of 45:
|
Apr 11 05:16 UTC 2000 |
Linked to cyberpunk. Come discuss whether you think there are legitimate
uses for *nix sys admin tools for home users. It seems this argument
might apply to other GNU Linux tools such as traceroute. What do you
think?
|
darkskyz
|
|
response 20 of 45:
|
Apr 11 07:02 UTC 2000 |
There are definatly uses for admin tools for home users- I use them for my
3 computer LAN.
|
jazz
|
|
response 21 of 45:
|
Apr 11 14:57 UTC 2000 |
Well, let's call a spade a spade, and admit they're hacking tools.
There are legitimate uses for hacking tools, as we've mentioned, as there are
legitimate uses for lockpicks. But, like lockpicks, the majority of the uses
aren't exactly kosher.
System administration tools are things like CDE. :P
|
gull
|
|
response 22 of 45:
|
Apr 11 21:03 UTC 2000 |
Of course, if more sysadmins had some rudimentary hacking skills, we
wouldn't have the widespread security problems on the internet that we do
now... To make effective locks, you have to be able to think like a thief.
|
jazz
|
|
response 23 of 45:
|
Apr 11 21:06 UTC 2000 |
Unfortunately, not many companies realise the amount of time and skill
that's required to really secure a network ... I wouldn't blame the
administrators, but the people who failed to realise security is a concern.
Usually it becomes a concern only after a hacking incident, and then it's
outsourced or sent to a not-terribly-often used team mouldering in a closet
somewhere.
|
bobhayes
|
|
response 24 of 45:
|
May 3 00:57 UTC 2000 |
Apart form pointing out the more obvious gaping holes in my box,
I find nmap to be useful in Linux advocacy since I can run it on
major sites and impress my friends with all the vunerable open ports
it invaribly finds :^) I've yet to hack anywhere (and probably never
will) but I like the fact that Linux enables me to do that if I wanted
to, and out of the box as well (nmap and john both come installed
by default in the install I chose.) I've never had any complaints from
any server I've (stealth) scanned either.
|
