Matt wrote:
> Nmap says it needs admin. privileges so it can create raw packets to run 
> certain scans such as the SYN scan. Do the other scanning tools for 
> example, ISS Internet Scanner, Nessus, and eEye Retina, have the same 
> issue? If so, is there a sudo-like mechanism in Windows to run them with 
> elevated privileges but not under an admin. account? While I'm at it, 
> any quirks with the above tools I should know about?


Windows 2000 and above allow you to "Run As..." another user.  Hold down 
the Shift key and right-click on the application icon to see this option 
in the pop-up menu.

If the application is command-line, you can Run As the "Command Prompt" 
to get an administrative shell.

All tools have their place and each has a different feature set.  For 
the occasional interactive scan, nmap is a very good place to start.

On a slightly different note, if you are running these scanning tools on 
UF campus and your scans will cross subnet boundaries you will want to 
get your machine into the "authorized scanner" list so you don't set off 
all of the network security intrusion detection alerts.


  Dan Stoner
  Network Administrator
  Florida Museum of Natural History
  University of Florida