Realistically, those are your two choices with current nmap: 1. -u root 2. setuid on nmap 3. don't run nmap
What it's doing is this: nmap -p 23,21,80,138,139,548 -O <address> to do OS fingerprinting which requires root.... Thoughts: A nmap server (see http://rnmap.sourceforge.net/)? Maybe run this in a thread created BEFORE ntop changes it's effective userid (would that even work?) -----Burton -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Craig Humphrey Sent: Monday, April 08, 2002 4:10 PM To: '[EMAIL PROTECTED]' Subject: [Ntop] Getting to grips with -u and nmap Hi People, I've just kicked my ntop install over and recompiled with the latest CVS (8/4/2002 NZ date) and so started using the -u switch to take it off root. But nmap doesn't really like running as a non-root user, even though I put the user in the root group! I'm not too worried about ntop being compromised, as no-one here has any where near the knowledge to do so (touch wood, it's a law firm), so should I just go back to running it as root? or is there another solution? (setuid root for nmap? ick!) Help! Soon'ish Craig _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listmanager.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listmanager.unipi.it/mailman/listinfo/ntop
