Nmap Development mailing list archives

Re: wide-scan?
From: "'Bradley Kite'" <bradley () deathsgate demon co uk>
Date: Mon, 10 Jun 2002 18:55:23 +0100


Well ideally I am trying to do 2 things: wide scan, and log to a postgres
database. The logging is to be done serially to get around the memory
requirements for storing thousands of host records, and logging direct
to a database means that the data is more readily accessible and updateable,
(it's mainly for work so that I know if people are running unauthorised
servers or been trojaned etc...)

What is the scanner that you wrote called, and where can I download it
if it's publicly available?


On Mon, Jun 10, 2002 at 10:58:39AM -0400, Dion Stempfley wrote:
From: Dion Stempfley <Dion () riptech com>
To: "'Bradley Kite'" <bradley () deathsgate demon co uk>, nmap-dev () insecure org
Subject: RE: wide-scan?
Date: Mon, 10 Jun 2002 10:58:39 -0400
X-Mailer: Internet Mail Service (5.5.2653.19)

I looked at this for a while last year.  After about 3 weeks of banging my
head, I decided that adding an option to nmap was too much of a change to
feel comfortable about the stability and maintainability of the end product.
I wrote a different scanner, stealing heavily from nmap of course:)  

Do you intend to finish the entire block of hosts for a specific port before
moving to another port?  If so, you may need to keep several thousand host
records and results in memory before outputting them.  You would probably
lose the ability to resume a scan, since you don't have any partial output
to recover from.  Maybe a different output format could accommodate the
change to address some of these issues, but I didn't go down that route
originally.  For my scanner, I decided that by changing the output to stream
results instead of reporting by host, I would reduce the overall memory
Good luck,


-----Original Message-----
From: Bradley Kite [mailto:bradley () deathsgate demon co uk]
Sent: Saturday, June 08, 2002 12:44 PM
To: nmap-dev () insecure org
Subject: wide-scan?

Hi everybody.

I'm considering adding a 'wide-scan' option to nmap,
so that instead of scanning all ports on each host,
then moving to the next host (a deep scan) it will
scan port 1 on all hosts, and then move to port 2
(well it will actually move through the user-supplied
port list but you get my meaning...)

I think that it will provide increased parallelism(?)
when scanning a lot of hosts with paranoid (-T) timing options
because while you are waiting, you can scan other hosts.

The down side is that it will require a lot more memory,
but you can get around this by reducing the number of ports
you want to scan.

Comments/Suggestions requested.

pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc

Software Developer/Data Management Specialist
Alchemetics Ltd, http://www.alchemetrics.co.uk
pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc
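
An added example, not code from either poster or from nmap: it sketches the serial logging idea discussed in this thread, writing one row per (host, port) result in port-major order so that no per-host records are held in memory and an interrupted run can resume from what is already stored. Assumptions: sqlite3 stands in for the Postgres database, the probe is a stub over constructed data (documentation-range addresses), and the allowlist and all function names are hypothetical.

```python
import sqlite3
from itertools import product

# Constructed sample data: documentation-range hosts and made-up open ports.
HOSTS = ["192.0.2.10", "192.0.2.11", "192.0.2.12"]
PORTS = [22, 80, 6667]
OPEN = {("192.0.2.10", 22), ("192.0.2.11", 80), ("192.0.2.12", 6667)}
AUTHORISED = {("192.0.2.10", 22), ("192.0.2.11", 80)}  # hypothetical allowlist


def wide_order(hosts, ports):
    """Port-major ("wide") order: every host for the first port, then the next."""
    return ((h, p) for p, h in product(ports, hosts))


def fake_probe(host, port):
    """Stand-in for a real probe; looks the answer up in the constructed set."""
    return "open" if (host, port) in OPEN else "closed"


def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS result ("
               "seq INTEGER PRIMARY KEY, host TEXT, port INTEGER, state TEXT)")
    return db


def run(db, hosts, ports, stop_after=None):
    """Log one row per probe as it completes; skip rows an earlier run stored."""
    done = db.execute("SELECT COUNT(*) FROM result").fetchone()[0]
    for seq, (host, port) in enumerate(wide_order(hosts, ports)):
        if seq < done:
            continue  # already logged before the interruption
        if stop_after is not None and seq >= stop_after:
            break     # simulate an interrupted scan
        db.execute("INSERT INTO result VALUES (?, ?, ?, ?)",
                   (seq, host, port, fake_probe(host, port)))
        db.commit()   # the row is durable before the next probe starts


def unauthorised(db):
    """Open services that are not on the allowlist."""
    rows = db.execute("SELECT host, port FROM result WHERE state = 'open' "
                      "ORDER BY host, port").fetchall()
    return [r for r in rows if r not in AUTHORISED]
```

Because the probe order is deterministic, the stored row count doubles as the resume checkpoint; a randomised order would need the sequence persisted separately.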
