Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Why Nmap UDP need Root?
Special Forums IP Networking Why Nmap UDP need Root? Post 302906455 by Perderabo on Thursday 19th of June 2014 07:39:40 PM
Old 06-19-2014
UDP is "best effort" protocol and it will not inform the sender if a packet gets dropped. UDP applications either need to implement error detection in the application (NFS) or decide that some dropped data is acceptable (SYSLOG). nmap needs access to ICMP to see the results of sending UDP packets. ICMP requires root access.

This moves the question to why ICMP requires root access. Clearly sending ICMP messages opens up the ability to do nasty things. It's less clear why root is needed to simply listen to ICMP. But you would only need access to ICMP for unusual applications like nmap. So maybe it is just to be cautious.
 

10 More Discussions You Might Find Interesting

1. Cybersecurity

Nmap

I am pretty new at running nmap ,and i have some doubt about some o/ps the nmap shows I tried to scan my own system for UDP open ports I see that if i use one UDP port say 13 It shows that its in open state , etc But if i scan for the whole UDP ports in the nmap-services . I gives te... (2 Replies)
Discussion started by: DPAI
2 Replies

2. UNIX for Dummies Questions & Answers

nmap results

Hi, Whenever I tried to run nmap on my linux (red hat 6.2) boxes i got these outputs: 4444/tcp filtered krb524 6666/tcp filtered irc-serv 6699/tcp filtered napster 8888/tcp filtered sun-answerbook Can anybody please... (10 Replies)
Discussion started by: necro
10 Replies

3. Shell Programming and Scripting

Nmap PHP FE

Hi everyone! I've temporarily come out of hibernation (and will be gone for about two weeks after this post too) to ask for input on a small PHP script I have just completed. The script aims to be a remote front-end for Nmap - now for the safety of this post, I ask that any replies refrain from... (6 Replies)
Discussion started by: Karma
6 Replies

4. AIX

nmap on aix 5.2

I'm trying to compile nmap 4.11 on an aix 5.2 machine and get the following error when attempting the 'make' command; make "Makefile", line 1: make: 1254-055 Dependency line needs colon or double colon operator. "Makefile", line 14: make: 1254-055 Dependency line needs colon or double colon... (2 Replies)
Discussion started by: zuessh
2 Replies

5. Red Hat

To change of port name in nmap

Hi, Is it possible to change the nmap port name: For eg: 21/tcp open ftp 53/tcp open domain 80/tcp open http 111/tcp open rpcbind 836/tcp open unknown 843/tcp open unknown 953/tcp open rndc I need to change the port number 836 unknown to the name of the... (4 Replies)
Discussion started by: gsiva
4 Replies

6. Shell Programming and Scripting

FTP/nmap/.netrc

So... I'm trying to script and FTP Backup of some files from openVMS Alpha machine to a Unixware 7 machine. I decided to use .netrc to do all the FTP actions however when I send the nmap command. It pretty much gets ignored while even other things such "ascii", "case" etc.. get respected... (0 Replies)
Discussion started by: thesubmitter
0 Replies

7. Solaris

Nmap error

I 'm getting following error when i run nmap for an ip .. what could be the reason for it ? #nmap 10.22.67.18 Starting Nmap 4.68 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2009-07-06 19:07 UTC Warning: Unable to open interface e1000g3301000 -- skipping it.... (2 Replies)
Discussion started by: fugitive
2 Replies

8. Linux

nmap binaries for linux

Hi , I am exploring the nmap utility for Linux. I know that, nmap binaries are specific to the platforms e.g. nmap binaries will be diferent for Windows , AIX , Solaris and Linux platforms. Can anyone tell me , will the nmap binaries be different for different flavours of Linux such as... (1 Reply)
Discussion started by: jatin56
1 Replies

9. Solaris

Migration of system having UFS root FS with zones root to ZFS root FS

Hi All After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies

10. Cybersecurity

Help with NMAP

I'm seeing a persistent address showing up on my firewall router logs. The address is 10.98.115.9:67, and is broadcasting to 255.255.255.255. I know that this would typically signal a BOOTP service, such as a bootp server announcing itself on the network. But I can't isolate which machine it... (3 Replies)
Discussion started by: renoir611
3 Replies

LEARN ABOUT LINUX

clockdiff

CLOCKDIFF(8)						 System Manager's Manual: iputils					      CLOCKDIFF(8)

NAME

       clockdiff - measure clock difference between hosts

SYNOPSIS

       clockdiff [-o] [-o1] destination

DESCRIPTION

       clockdiff  Measures  clock difference between us and destination with 1 msec resolution using ICMP TIMESTAMP [2] packets or, optionally, IP
       TIMESTAMP option [3] option added to ICMP ECHO.	[1]

OPTIONS

       -o     Use IP TIMESTAMP with ICMP ECHO instead of ICMP TIMESTAMP messages. It is useful with some destinations, which do not  support  ICMP
	      TIMESTAMP (f.e. Solaris <2.4).

       -o1    Slightly	different  form  of  -o,  namely it uses three-term IP TIMESTAMP with prespecified hop addresses instead of four term one.
	      What flavor works better depends on target host. Particularly, -o is better for Linux.

WARNINGS

       o Some nodes (Cisco) use non-standard timestamps, which is allowed by RFC, but makes timestamps mostly useless.

       o Some nodes generate messed timestamps (Solaris>2.4), when run xntpd. Seems, its IP stack uses a corrupted clock source, which is synchro-
	 nized	to  time-of-day  clock periodically and jumps randomly making timestamps mostly useless. Good news is that you can use NTP in this
	 case, which is even better.

       o clockdiff shows difference in time modulo 24 days.

SEE ALSO

       ping(8), arping(8), tracepath(8).

REFERENCES

       [1] ICMP ECHO, RFC0792, page 14.

       [2] ICMP TIMESTAMP, RFC0792, page 16.

       [3] IP TIMESTAMP option, RFC0791, 3.1, page 16.

AUTHOR

       clockdiff was compiled by Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>. It was based on code borrowed from BSD timed daemon.	It  is	now  main-
       tained by YOSHIFUJI Hideaki <yoshfuji@skbuff.net>.

SECURITY

       clockdiff requires CAP_NET_RAWIO capability to be executed. It is safe to be used as set-uid root.

AVAILABILITY

       clockdiff  is  part  of iputils package and the latest versions are  available in source form at http://www.skbuff.net/iputils/iputils-cur-
       rent.tar.bz2.

iputils-101006							   12 April 2011						      CLOCKDIFF(8)
All times are GMT -4. The time now is 06:41 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy