Nmap And Vista And UAC
Thursday 1st March, 2007 13:49 Comments: 1
I made a post to the nmap-dev mailing list the other day, and it appears I was correct in my assumption of why nmap wasn't working too well on Vista when UAC is enabled, as confirmed by one of the WinPcap guys, who also provided the necessary registry tweak to make WinPcap start on bootup, so nmap can always be run as a standard user (in the past it's generally been said that nmap has to run as an Administrator account, hopefully this might debunk that myth slightly)! One way or another I will talk everyone into keeping UAC enabled (I know, I should get them to run as Standard Users, but baby steps... baby steps).
EDIT: I modified the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\NPF\\Start to the value 2 (instead of the default of 3), and after a reboot of Vista I was able to log in with my Standard User account and run nmap without any trouble!
EDIT: I modified the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\NPF\\Start to the value 2 (instead of the default of 3), and after a reboot of Vista I was able to log in with my Standard User account and run nmap without any trouble!
Robert - Saturday 7th April, 2007 13:20 I just installed the latest development version of nmap (using the executable) on Vista and it appears that the registry key at HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNpfsStart (note, not NPF like the WinPcap FAQ says) is set to 1, which suggests it'll start as SYSTEM, rather than load on demand.
Actually, it didn't look very happy, I may install a newer version of WinPcap, as I think that's what you're meant to do on Vista. Yep, WinPcap 4 (from their website) creates the NPF entry, default value of 3.
Actually, it didn't look very happy, I may install a newer version of WinPcap, as I think that's what you're meant to do on Vista. Yep, WinPcap 4 (from their website) creates the NPF entry, default value of 3.