Barrapunto

Fyodor no habla de rumores, este es el texto íntegro de la newsletter que podeís consulta aquí: http://seclists.org

-----------------------------------------------

This is just a heads-up that most Nmap functionality will not work on
the just-released Microsoft Windows SP2. Why? Microsoft apparently
broke it on purpose! When an Nmap user asked MS why security tools
such as Nmap broke, MS responded[1]:

  "We have removed support for TCP sends over RAW sockets in SP2.
    We surveyed applications and found the only apps using this on XP were
    people writing attack tools."

I don't know why they consider Nmap an "attack tool", particularly
when they recommend it on some of their own pages[2]. Shrug.
Removing SP2 re-enables the functionality and causes Nmap to work
again. Many problems unrelated to Nmap have been found with SP2 as
well[3], though it does some welcome security improvements for people
stuck on that platform.

I will work on this if I get time, but am currently busy rewriting the
core port scanning engine for the next version of Nmap. It is much
faster, offers much better multiple-host parallelization, and provides
other long-desired features such as completion time estimates. If
someone finds a solution to this SP2 problem, please send a patch. It
may not be too hard, as Nmap supports operating systems such as Win95
that didn't have raw socket support in the first place.

Cheers,
Fyodor

[1] http://seclists.org/lists/nmap-dev/2004/Apr-Jun/00 77.html
[2] http://www.microsoft.com/serviceproviders/security /tools.asp
[3] http://www.crn.com/sections/breakingnews/breakingn ews.jhtml?articleId=23905071

--------------------------------------------------