Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: NTop: Users

re: OS Finger printing root access problem

 

 

NTop users RSS feed   Index | Next | Previous | View Threaded


Eric_Josephson at groove

Mar 18, 2002, 9:25 PM

Post #1 of 5 (277 views)
Permalink
re: OS Finger printing root access problem

Thank you for your reply. Unfortunately, I do not know how to run the most
recent code as root. Even if I did, I should think that I would not want
to run it as root for security reasons. So, that having been said, does
anyone know how to either grant root access to just the fingerprinting
threads or to give it enough access without granting root to it that it
will work under a non-root account?

--

J. Eric Josephson
Director of Network and System Operations
978-720-2159
mailto:eric_josephson [at] groove




"Stuart Herd
- IT Dept." To: "'ntop [at] Unipi'" <ntop [at] Unipi>
<sherd [at] roypl cc: "'Eric_Josephson [at] groove'" <Eric_Josephson [at] groove>
s.com> Subject: re: [Ntop] OS Finger printing root access problem

03/18/2002
09:49 AM






nmap requires root privileges to run with the OS fingerprinting flag (-O),
as you are running ntop as user jej nmap quits.

============================================================================

=======
Message: 8
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
To: ntop [at] Unipi
From: Eric_Josephson [at] groove
Date: Fri, 15 Mar 2002 08:53:47 -0500
Subject: [Ntop] OS Finger printing root access problem.
Reply-To: ntop [at] unipi

Linux 7.1
CVS shot at 13:00 GMT 3/15/2002

Run as a non-root user with the following command line.
ntop -u jej -d -E -e 10000 -U http://10.10.0.99/cgi-bin/mapper.pl -P1 -m
10.10.0.0/16 -p /root/protocols.txt -P /tmp ether host 00:50:54:FF:D5:FF
and not net 10.150/16 or ether host ff:ff:ff:ff:ff:ff

When I go into system details my console gets this:

TCP/IP fingerprinting (for OS scan) requires root privileges which you do
not appear to possess. Sorry, dude.

QUITTING!




How do I solve this problem? Thanks!

--

J. Eric Josephson
Director of Network and System Operations
978-720-2159
mailto:eric_josephson [at] groove





PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message. If
you are not the addressee indicated in this message or the employee or
agent
responsible for delivering it to the addressee, you are hereby on notice
that you are in possession of confidential and privileged information. Any
dissemination, distribution, or copying of this e-mail is strictly
prohibited. In such case, you should destroy this message and kindly
notify
the sender by reply e-mail. Please advise immediately if you or your
employer do not consent to Internet email for messages of this kind.
Opinions, conclusions, and other information in this message that do not
relate to the official business of the sender's firm shall be understood as
neither given nor endorsed by it. E-mail cannot be guaranteed to be secure,
error free or free from viruses. Royal does not accept any liability
whatsoever for any loss or damage which may be caused as a result of the
transmission of this e-mail.


sherd at royplas

Mar 18, 2002, 7:49 AM

Post #2 of 5 (276 views)
Permalink
re: OS Finger printing root access problem [In reply to]

nmap requires root privileges to run with the OS fingerprinting flag (-O),
as you are running ntop as user jej nmap quits.

============================================================================
=======
Message: 8
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
To: ntop [at] Unipi
From: Eric_Josephson [at] groove
Date: Fri, 15 Mar 2002 08:53:47 -0500
Subject: [Ntop] OS Finger printing root access problem.
Reply-To: ntop [at] unipi

Linux 7.1
CVS shot at 13:00 GMT 3/15/2002

Run as a non-root user with the following command line.
ntop -u jej -d -E -e 10000 -U http://10.10.0.99/cgi-bin/mapper.pl -P1 -m
10.10.0.0/16 -p /root/protocols.txt -P /tmp ether host 00:50:54:FF:D5:FF
and not net 10.150/16 or ether host ff:ff:ff:ff:ff:ff

When I go into system details my console gets this:

TCP/IP fingerprinting (for OS scan) requires root privileges which you do
not appear to possess. Sorry, dude.

QUITTING!




How do I solve this problem? Thanks!

--

J. Eric Josephson
Director of Network and System Operations
978-720-2159
mailto:eric_josephson [at] groove





PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message. If
you are not the addressee indicated in this message or the employee or agent
responsible for delivering it to the addressee, you are hereby on notice
that you are in possession of confidential and privileged information. Any
dissemination, distribution, or copying of this e-mail is strictly
prohibited. In such case, you should destroy this message and kindly notify
the sender by reply e-mail. Please advise immediately if you or your
employer do not consent to Internet email for messages of this kind.
Opinions, conclusions, and other information in this message that do not
relate to the official business of the sender's firm shall be understood as
neither given nor endorsed by it. E-mail cannot be guaranteed to be secure,
error free or free from viruses. Royal does not accept any liability
whatsoever for any loss or damage which may be caused as a result of the
transmission of this e-mail.


l.deri at tecsiel

Mar 21, 2002, 2:55 AM

Post #3 of 5 (273 views)
Permalink
Re: OS Finger printing root access problem [In reply to]

Eric,
why don't you setuid nmap as I did instead of using the root user (-u)?

Cheers, Luca

Eric_Josephson [at] groove wrote:
>
> Thank you for your reply. Unfortunately, I do not know how to run the most
> recent code as root. Even if I did, I should think that I would not want
> to run it as root for security reasons. So, that having been said, does
> anyone know how to either grant root access to just the fingerprinting
> threads or to give it enough access without granting root to it that it
> will work under a non-root account?
>
> --
>
> J. Eric Josephson
> Director of Network and System Operations
> 978-720-2159
> mailto:eric_josephson [at] groove
>
>
> "Stuart Herd
> - IT Dept." To: "'ntop [at] Unipi'" <ntop [at] Unipi>
> <sherd [at] roypl cc: "'Eric_Josephson [at] groove'" <Eric_Josephson [at] groove>
> s.com> Subject: re: [Ntop] OS Finger printing root access problem
>
> 03/18/2002
> 09:49 AM
>
>
>
> nmap requires root privileges to run with the OS fingerprinting flag (-O),
> as you are running ntop as user jej nmap quits.
>
> ============================================================================
>
> =======
> Message: 8
> Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
> To: ntop [at] Unipi
> From: Eric_Josephson [at] groove
> Date: Fri, 15 Mar 2002 08:53:47 -0500
> Subject: [Ntop] OS Finger printing root access problem.
> Reply-To: ntop [at] unipi
>
> Linux 7.1
> CVS shot at 13:00 GMT 3/15/2002
>
> Run as a non-root user with the following command line.
> ntop -u jej -d -E -e 10000 -U http://10.10.0.99/cgi-bin/mapper.pl -P1 -m
> 10.10.0.0/16 -p /root/protocols.txt -P /tmp ether host 00:50:54:FF:D5:FF
> and not net 10.150/16 or ether host ff:ff:ff:ff:ff:ff
>
> When I go into system details my console gets this:
>
> TCP/IP fingerprinting (for OS scan) requires root privileges which you do
> not appear to possess. Sorry, dude.
>
> QUITTING!
>
> How do I solve this problem? Thanks!
>
> --
>
> J. Eric Josephson
> Director of Network and System Operations
> 978-720-2159
> mailto:eric_josephson [at] groove
>
> PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message. If
> you are not the addressee indicated in this message or the employee or
> agent
> responsible for delivering it to the addressee, you are hereby on notice
> that you are in possession of confidential and privileged information. Any
> dissemination, distribution, or copying of this e-mail is strictly
> prohibited. In such case, you should destroy this message and kindly
> notify
> the sender by reply e-mail. Please advise immediately if you or your
> employer do not consent to Internet email for messages of this kind.
> Opinions, conclusions, and other information in this message that do not
> relate to the official business of the sender's firm shall be understood as
> neither given nor endorsed by it. E-mail cannot be guaranteed to be secure,
> error free or free from viruses. Royal does not accept any liability
> whatsoever for any loss or damage which may be caused as a result of the
> transmission of this e-mail.
>
> _______________________________________________
> Ntop mailing list
> Ntop [at] unipi
> http://listmanager.unipi.it/mailman/listinfo/ntop

--
Luca Deri NETikos S.p.A.
Via Matteucci 34/B 56124 Pisa, Italy.
Ph. +39/050/968.639 Fax. +39/050/968.626
Personal: luca [at] lucaderi Business: luca.deri [at] netikos
WWW: http://www.lucaderi.org/ ICQ: 68183632
Hacker: someone who loves to program and enjoys being
clever about it - Richard Stallman


b.duda at rubicon

Mar 21, 2002, 4:24 AM

Post #4 of 5 (274 views)
Permalink
Re: OS Finger printing root access problem [In reply to]

Hi,
can you tell me,
I have eth1 - local LAN 192.168.1.10/24

ntop -u nobody -P /tmp -S 2 -i eth1 -w 3129 -d -p "FTP tp-data
HTTP
I need IP Traffic only for trafic local PC > internet, not local PC to local
PC.

Please, is it conf. valid?
Exists URL with examples?



S Pozdravem

B°etislav Duda


Eric_Josephson at groove

Mar 21, 2002, 5:26 AM

Post #5 of 5 (273 views)
Permalink
Re: OS Finger printing root access problem [In reply to]

That sounds like the right thing to do. I am familiar with the concept but
I do not know how to do that in practice. Could somebody please provide a
sample set of command strings for me to work from? Thank you all.

--

J. Eric Josephson
Director of Network and System Operations
978-720-2159
mailto:eric_josephson [at] groove




Luca Deri
<l.deri [at] tecs To: ntop [at] unipi
el.it> cc:
Sent by: Subject: Re: [Ntop] OS Finger printing root access problem
ntop-admin [at] u
ipi.it


03/21/2002
04:55 AM
Please
respond to
ntop






Eric,
why don't you setuid nmap as I did instead of using the root user (-u)?

Cheers, Luca

Eric_Josephson [at] groove wrote:
>
> Thank you for your reply. Unfortunately, I do not know how to run the
most
> recent code as root. Even if I did, I should think that I would not want
> to run it as root for security reasons. So, that having been said, does
> anyone know how to either grant root access to just the fingerprinting
> threads or to give it enough access without granting root to it that it
> will work under a non-root account?
>
> --
>
> J. Eric Josephson
> Director of Network and System Operations
> 978-720-2159
> mailto:eric_josephson [at] groove
>
>
> "Stuart Herd
> - IT Dept." To: "'ntop [at] Unipi'"
<ntop [at] Unipi>
> <sherd [at] roypl cc:
"'Eric_Josephson [at] groove'" <Eric_Josephson [at] groove>
> s.com> Subject: re: [Ntop] OS
Finger printing root access problem
>
> 03/18/2002
> 09:49 AM
>
>
>
> nmap requires root privileges to run with the OS fingerprinting flag
(-O),
> as you are running ntop as user jej nmap quits.
>
>
============================================================================

>
> =======
> Message: 8
> Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
> To: ntop [at] Unipi
> From: Eric_Josephson [at] groove
> Date: Fri, 15 Mar 2002 08:53:47 -0500
> Subject: [Ntop] OS Finger printing root access problem.
> Reply-To: ntop [at] unipi
>
> Linux 7.1
> CVS shot at 13:00 GMT 3/15/2002
>
> Run as a non-root user with the following command line.
> ntop -u jej -d -E -e 10000 -U http://10.10.0.99/cgi-bin/mapper.pl -P1 -m
> 10.10.0.0/16 -p /root/protocols.txt -P /tmp ether host 00:50:54:FF:D5:FF
> and not net 10.150/16 or ether host ff:ff:ff:ff:ff:ff
>
> When I go into system details my console gets this:
>
> TCP/IP fingerprinting (for OS scan) requires root privileges which you do
> not appear to possess. Sorry, dude.
>
> QUITTING!
>
> How do I solve this problem? Thanks!
>
> --
>
> J. Eric Josephson
> Director of Network and System Operations
> 978-720-2159
> mailto:eric_josephson [at] groove
>
> PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message.
If
> you are not the addressee indicated in this message or the employee or
> agent
> responsible for delivering it to the addressee, you are hereby on notice
> that you are in possession of confidential and privileged information.
Any
> dissemination, distribution, or copying of this e-mail is strictly
> prohibited. In such case, you should destroy this message and kindly
> notify
> the sender by reply e-mail. Please advise immediately if you or your
> employer do not consent to Internet email for messages of this kind.
> Opinions, conclusions, and other information in this message that do not
> relate to the official business of the sender's firm shall be understood
as
> neither given nor endorsed by it. E-mail cannot be guaranteed to be
secure,
> error free or free from viruses. Royal does not accept any liability
> whatsoever for any loss or damage which may be caused as a result of the
> transmission of this e-mail.
>
> _______________________________________________
> Ntop mailing list
> Ntop [at] unipi
> http://listmanager.unipi.it/mailman/listinfo/ntop

--
Luca Deri NETikos S.p.A.
Via Matteucci 34/B 56124 Pisa, Italy.
Ph. +39/050/968.639 Fax. +39/050/968.626
Personal: luca [at] lucaderi Business: luca.deri [at] netikos
WWW: http://www.lucaderi.org/ ICQ: 68183632
Hacker: someone who loves to program and enjoys being
clever about it - Richard Stallman
_______________________________________________
Ntop mailing list
Ntop [at] unipi
http://listmanager.unipi.it/mailman/listinfo/ntop

NTop users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.