Nmap Question.

[FrameWork]

I hope this isn't and entirely stupid question, but it would be worth it to get the answer.

Is there a way to give a terminal root permissions from a limited access account in linux so i can use all of the switches for nmap? I can run many of them, but some of the switches i want to use require me to run nmap with root permissions. Or if there is an even easier way of going about this that would be great.

I browsed over to /usr/bin/nmap hopeing to get a prompt asking me for the root password after i double-clicked it, but nothing opens up.

Thanks in advance.

~FrWk

[phishphreek]

Lets see here... if I'm understanding correctly...

If you have the root password or are belonging to the root group...

Open a terminal and then su to root

$su

enter password for root

then you have a root prompt...

#nmap -options for CLI versoin

if you like gui better...

#nmapfe &

will open the nmap front end and free up your terminal window for more commands.

[cheyenne1212]

I know that I have an option on one of my *nix boxes to open up a shell as superuser mode.

That allows me to use all options of nmap.

Or do what PhishPhreek said.

[thehorse13]

if you like gui better...

#nmapfe &

One quick note, be sure you are in an X windows session when issuing this command or you will get an error message stating that a display cannot be started.

[j3r]

also:
sudo nmap -options
Which is the same as:
su
nmap -options
exit

[phishphreek]

One quick note, be sure you are in an X windows session when issuing this command or you will get an error message stating that a display cannot be started.

Nice side note. I have a tendancy to leave the little but important details out...

I browsed over to /usr/bin/nmap hopeing to get a prompt asking me for the root password after i double-clicked it, but nothing opens up.

I was hoping everyone would pick up on the fact that he was doubleclicking... which means he is in a GUI already... as AFAIK doubleclicking in a CLI won't do you much good...

[NullDevice]

well u most probably wud like to have sudo.....

with sudo u will be able to have a user with normal account to run a program with root permissions...

from sudo home page:

Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while logging the commands and arguments.

to setup sudo ...u need to run visudo to configure the users who can run prohrams with superuser permissions and define which program they can run with su permissions...

best place to strat with :
http://www.sudo.ws/sudo/man/sudoers.html -- The HOME of Sudo...
http://www.onlamp.com/lpt/a/2704 -- O'Reilly Documentation...would be helpful
http://www.devveb.org/linux/linux_Sudo.html -- Another Good Documentation....
http://www.krnlpanic.com/tutorials/sudo.php --- A quick tute
http://translate.google.com/translat...UTF-8%26sa%3DN -- another gud and quick tool

Infact i did this for myself..unfortunately i dont have access to that system right now...to give away the sudoer configuration...but its pretty simple...hope u have got ur problem solved

[slarty]

There are a number of kernel patches and/or userspace programs which can manipulate a user or program's "Capabilities" in Linux.

Contrary to what you may think, it isn't actually being root which enables nmap to work fully, it's a "Capability" called cap_net_raw.

I have yet to get any of these things to work properly. Some of the ones which might do the trick are

gr_security
pam_capability

But I have been unable to get them to do what I wanted to do (give some normal users cap_net_raw) without unpleasant side effects.

Slarty

[wassup]

an easy way would just to put the sticky bit on the permissions of /usr/bin/nmap so it runs as root.
chmod o+x /usr/bin/nmap

err set uid bit not sticky bit lol