mailing list archives
Re: Safe scanning
From: Bruce Fraser <BFraser () ottawa com>
Date: Tue, 21 Mar 2000 16:48:11 -0500
We have deployed NMAP over a large (50K+) network of varied operating
systems/network devices with the simple syntax that you list below adding the
-O flag for OS fingerprinting and no one even blinked an eye. The scan was
run across a number of Class B addresss space over a period of a couple of
weeks.. Unless you do anything funky, you should be alright.
#include <stdthanks.h> // to Fyodor the man
I've been lurking here for a while, and am on the verge of doing a pretty
big scan on a pretty big and /very/ varied net, of which I have little
control. I know that it's more than likely that this network has a few
fragile/semi-home-made stacks in it.
Alek O.K.'s recent post (subj: "Setting nmap host_timeout too low may cause
DoS on inetd (?)") kinda spooked me.
How often or likely is it that nmap would trash a host (I'm considering
low-volume, something circa a class B per night, over a month)? Does anyone
have any experience with "safetifying" nmap scans? Are there any scans that
are more dangerous than others?
I've read the manpage and most of the webpage, and I realize that there are
no guarantees. But I'm looking for real-life-experience - is "nmap -sT
10.10.1-254.1-254" likely to put me in the street?
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).