* Dom Sekotill: > /usr/share/nmap/nselib/data/psexec/nmap_service.exe is detected by > Sophos AV as malware.
The antivirus installation is apparently misconfigured. In the local filesystem context, the program is not even directly runnable. In the context of .deb transfer by APT this should not matter either. I don't see anything we can or should do about this. The "offending" file nmap_service.exe and several Java class files that might also be flagged by AV are included for a reason: They are used by NSE scripts. Users who run into problems because of this should make sure that their AV product either ignores these packages -- or does not get to see them in the first place. Using HTTPS for fetching packages is a sensible solution, provided that no enterprise proxy product performs MITM attacks against TLS connections. > The nmap packages prior to 7.70 did not include the compiled binary. This is technically not correct, nmap_service.exe has been shipped since 7.60+dfsg2-1. (Debian 9.0 shipped with nmap/7.40-1 which did not include nmap_service.exe.) Cheers, -Hilko