Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 18 Apr 2011 02:21:34 +0100
From: Djalal Harouni <>
Subject: Re: Nmap 5.51

On 2011-03-16 18:55:55 +0300, Solar Designer wrote:
> Vasiliy,
> Now that OpenVZ has re-labeled their latest "testing" kernel (the one we
> have in Owl-current) as "stable", I intend to get lots of stuff from
> Owl-current into Owl 3.0-stable, including even the Nmap update.  (The
> OpenSSL update will be a major exception to this.)
> And it feels wrong to do that for Nmap 5.50, when the Nmap project has
> released 5.51, which is a bugfix-only update (and thus is more "stable").
> Can you please update the Nmap package in Owl-current to 5.51 now?
> This should be quick and easy.

I was reviewing the Owl Nmap patch [1] to drop privileges, and I've
noticed that the Script Pre-scanning phase will run before dropping
privileges, actually there are two issues.

Some background:
The Script Pre-scanning phase is a new NSE (Nmap Scripting Engine)
scan phase which occurs before Nmap starts classic scanning. Scripts in
this phase can do host/network discovery stuff (broadcast ...) and add
the discovered targets to the Nmap scanning queue. There is even a new
committed script 'target-sniffer.nse' to push sniffed targets into the
Nmap queue. Currently in the nmap-trunk more than 10 scripts will run
during this script scan phase.

1) I think that privileges should be dropped before any scan. 

2) some (perhaps all) Pre-scanning scripts will not work with this patch
since they need some info (network interfaces ...) which are not
available at that time. The pre-scanning phase should not be moved, but
you can move the open_nse() call if you want to initialize NSE before

I want to contribute to Owl, so let me know if you want me to adjust the
patch, or if you have some other suggestions.




Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.