NMap - running as root yields different response than running as another user

Question

nmap -eeth1 [hostname] -p80

Running that command as root uses interface one and fails as expected (interface one is on a subnet blocked by the host.) Using interface 0 succeeds as it should.

However, if I switch to user zabbix then the above command succeeds no matter which valid interface I specify. If I specify a nonexistent interface it fails as expected.

Any idea why the output is different between root and the zabbix user?

Use -S to "spoof" the address of the second interface does appear to work, however. — Joshua Enfield, Jan 27 '11 at 19:07

score 1 · Accepted Answer · answered Jan 27 '11 at 21:54

This may have something to do with requiring superuser privileges to set new routes. Regular users can't add new routes via route either. The non-privileged zabbix user is likely failing over to using the default routing table, but nmap is not generating a warning about it.

NMap - running as root yields different response than running as another user

1 Answers1