Re: [Full-Disclosure] Give XP SP2 a chance

From: Stef (stefmit_at_gmail.com)
Date: 08/12/04

    To: full-disclosure@lists.netsys.com
    Date: Thu, 12 Aug 2004 10:33:46 -0500
    
    

    Hmmm ... talking about what you just said: to me M$ just offered
    security practitioners yet another reason to have a live *nix CD
    handy, after having "upgraded" their "favorite(?!?)" OS to SP2, or
    just plainly use an OS with capabilities of supporting the much needed
    security tools:

    ========== insecure.org ==========================
    Subject: Windows XP SP2 incompatible with Nmap
    Date: Wed, 11 Aug 2004 12:31:23 -0700
    From: Fyodor <fyodor@insecure.org>
    To:
    This is just a heads-up that most Nmap functionality will not work on
    the just-released Microsoft Windows SP2. Why? Microsoft apparently
    broke it on purpose! When an Nmap user asked MS why security tools
    such as Nmap broke, MS responded[1]:

    "We have removed support for TCP sends over RAW sockets in SP2.
    We surveyed applications and found the only apps using this on XP were
    people writing attack tools."

    I don't know why they consider Nmap an "attack tool", particularly
    when they recommend it on some of their own pages[2]. Shrug. Removing
    SP2 re-enables the functionality and causes Nmap to work again. Many
    problems unrelated to Nmap have been found with SP2 as well[3], though
    it does make some welcome security improvements for people stuck on that
    platform.

    I will work on this if I get time, but am currently busy rewriting the
    core port scanning engine for the next version of Nmap. It is much
    faster, offers much better multiple-host parallelization, and provides
    other long-desired features such as completion time estimates. If
    someone finds a solution to this SP2 problem, please send a patch. It
    may not be too hard, as Nmap supports operating systems such as Win95
    that didn't have raw socket support in the first place.

    Cheers,

    Fyodor

    [1] http://seclists.org/lists/nmap-dev/2004/Apr-Jun/0077.html

    [2] http://www.microsoft.com/serviceproviders/security/tools.asp

    [3] http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=23905071

    =================================
    On Thu, 12 Aug 2004 09:06:49 -0400, Charles Earl <earlcw@starship.ca> wrote:

    > What is the problem with this service pack? Vendor applications suck, all of
    <snip>

    > I'm tired of every new version of applications being more feature ridden and
    > buggier than the last.
    >
    <snip>

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

