tags 322137 + patch
thanks

patch to rewrite option section to mention privileged users/normal user
Description: Add text [priviledge user] in the options that require root privileges
Forwarded: yes
Author: Daniel Echeverry <[email protected]>
Origin: vendor
Last-Update: 2010-12-14
Index: nmap-5.21/docs/nmap.1 =================================================================== --- nmap-5.21.orig/docs/nmap.1 2010-12-14 22:05:25.000000000 -0500 +++ nmap-5.21/docs/nmap.1 2010-12-14 22:11:19.000000000 -0500 @@ -132,8 +132,8 @@ \-\-system\-dns: Use OS\'s DNS resolver \-\-traceroute: Trace hop path to each host SCAN TECHNIQUES: - \-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans - \-sU: UDP Scan + \-sS/sT/sA/sW/sM: [priviledged user] TCP SYN/Connect()/ACK/Window/Maimon scans + \-sU: [priviledged user] UDP Scan \-sN/sF/sX: TCP Null, FIN, and Xmas scans \-\-scanflags <flags>: Customize TCP scan flags \-sI <zombie host[:probeport]>: Idle scan @@ -651,7 +651,7 @@ \fIC\fR is a prominent character in the scan name, usually the first\&. The one exception to this is the deprecated FTP bounce scan (\fB\-b\fR)\&. By default, Nmap performs a SYN Scan, though it substitutes a connect scan if the user does not have proper privileges to send raw packets (requires root access on Unix) or if IPv6 targets were specified\&. Of the scans listed in this section, unprivileged users can only execute connect and FTP bounce scans\&. .PP -\fB\-sS\fR (TCP SYN scan) .\" -sS .\" SYN scan +\fB\-sS\fR [priviledged user] (TCP SYN scan) .\" -sS .\" SYN scan .RS 4 SYN scan is the default and most popular scan option for good reasons\&. It can be performed quickly, scanning thousands of ports per second on a fast network not hampered by restrictive firewalls\&. SYN scan is relatively unobtrusive and stealthy, since it never completes TCP connections\&. It also works against any compliant TCP stack rather than depending on idiosyncrasies of specific platforms as Nmap\'s FIN/NULL/Xmas, Maimon and idle scans do\&. It also allows clear, reliable differentiation between the open, 
@@ -662,7 +662,7 @@ This technique is often referred to as half\-open scanning, because you don\'t open a full TCP connection\&. You send a SYN packet, as if you are going to open a real connection and then wait for a response\&. A SYN/ACK indicates the port is listening (open), while a RST (reset) is indicative of a non\-listener\&. If no response is received after several retransmissions, the port is marked as filtered\&. The port is also marked filtered if an ICMP unreachable error (type 3, code 1, 2, 3, 9, 10, or 13) is received\&. .RE .PP -\fB\-sT\fR (TCP connect scan) .\" -sT .\" connect scan +\fB\-sT\fR [priviledged user] (TCP connect scan) .\" -sT .\" connect scan .RS 4 TCP connect scan is the default TCP scan type when SYN scan is not an option\&. This is the case when a user does not have raw packet privileges or is scanning IPv6 networks\&. Instead of writing raw packets as most other scan types do, Nmap asks the underlying operating system to establish a connection with the target machine and port by issuing the \fBconnect\fR 
@@ -673,7 +673,7 @@ call than with raw packets, making it less efficient\&. The system call completes connections to open target ports rather than performing the half\-open reset that SYN scan does\&. Not only does this take longer and require more packets to obtain the same information, but target machines are more likely to log the connection\&. A decent IDS will catch either, but most machines have no such alarm system\&. Many services on your average Unix system will add a note to syslog, and sometimes a cryptic error message, when Nmap connects and then closes the connection without sending data\&. Truly pathetic services crash when this happens, though that is uncommon\&. An administrator who sees a bunch of connection attempts in her logs from a single system should know that she has been connect scanned\&. .RE .PP -\fB\-sU\fR (UDP scans) .\" -sU .\" UDP scan +\fB\-sU\fR [priviledged user] (UDP scans) .\" -sU .\" UDP scan .RS 4 While most popular services on the Internet run over the TCP protocol, \m[blue]\fBUDP\fR\m[]\&\s-2\u[6]\d\s+2
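Review bot: In the SCAN TECHNIQUES summary (hunk at -132), the tag is applied to the whole `\-sS/sT/sA/sW/sM` line, but that line includes \-sT (Connect()), and the manual text visible in the hunk at -651 says "unprivileged users can only execute connect and FTP bounce scans". By the same sentence, the `\-sN/sF/sX` and `\-sI` lines also need privileges, yet they are left untagged. Suggest moving \-sT to its own untagged line, tagging the remaining raw-packet scans, and spelling the tag "[privileged user]".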
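Review bot: The \-sS heading in the hunk at -651 now reads `\fB\-sS\fR [priviledged user] (TCP SYN scan)`, which misspells "privileged" and places the tag between the option and its name, while the summary hunk places it after the colon. The paragraph just above in this hunk already uses the wording "requires root access on Unix"; reusing that wording after the parenthesised scan name would keep the section consistent. The same applies to the \-sU heading in the hunk at -673.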
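Review bot: Tagging the \-sT heading in the hunk at -662 as "[priviledged user]" contradicts the description that follows it in the same hunk: "TCP connect scan is the default TCP scan type when SYN scan is not an option. This is the case when a user does not have raw packet privileges". Connect scan is the type an unprivileged user falls back to, so this heading change should be dropped.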

