Home page logo
/

nmap-dev logo Nmap Development mailing list archives

RE: wide-scan?
From: Dion Stempfley <Dion () riptech com>
Date: Thu, 13 Jun 2002 14:22:45 -0400

Unfortunately, it's not called anything, and I never got to the point of
publishing.  I will dig out the code and see if I can get it to you.  

Dion

-----Original Message-----
From: 'Bradley Kite'
To: Dion Stempfley
Cc: nmap-dev () insecure org
Sent: 6/10/2002 1:55 PM
Subject: Re: wide-scan?

Dion,

Well ideally I am trying to do 2 things: wide scan, and log to a
postgres
database. The logging is to be done serially to get around the memory
requirements for storing thousands of host records, and logging direct
to a database means that the data is more readily accessable and
updateable,
(its mainly for work so that I know if people are running unauthorised
servers or been trojanded etc...)

What is the scanner that you wrote called, and where can I download it
if its publically available?

--
Regards
Bradley


On Mon, Jun 10, 2002 at 10:58:39AM -0400, Dion Stempfley wrote:
From: Dion Stempfley <Dion () riptech com>
To: "'Bradley Kite'" <bradley () deathsgate demon co uk>,
nmap-dev () insecure org
Subject: RE: wide-scan?
Date: Mon, 10 Jun 2002 10:58:39 -0400
X-Mailer: Internet Mail Service (5.5.2653.19)

I looked at this for a while last year.  After about 3 weeks of
banging my
head, I decided that adding an option to nmap was too much of a change
to
feel comfortable about the stability and maintainability of the end
product.
I wrote a different scanner, stealing heavily from nmap of course:)  

Do you intend to finish the entire block of hosts for a specific port
before
moving to another port?  If so, you may need to keep several thousand
host
records and results in memory before outputting them.  You would
probably
lose the ability to resume a scan, since you don't have any partial
output
to recover from.  Maybe a different output format could accommodate
the
change to address some of these issues, but I didn't go down that
route
originally.  For my scanner, I decided that by changing the output to
stream
results instead of reporting by host, I would reduce the overall
memory
requirements.  
 
Good luck,

Dion

-----Original Message-----
From: Bradley Kite [mailto:bradley () deathsgate demon co uk]
Sent: Saturday, June 08, 2002 12:44 PM
To: nmap-dev () insecure org
Subject: wide-scan?


Hi everybody.

I'm considering adding a 'wide-scan' option to nmap,
so that instead of scanning all ports on each host,
then moving to the next host (a deep scan) it will
scan port 1 on all hosts, and then move to port 2
(well it will actually move through the user-supplied
port list but you get my meaning...)

I think that it will provide increased paralellism(?)
when scanning a lot of hosts with paranoid (-T) timing options
because while you are waiting, you can scan other hosts.

The down side is that it will require a lot more memory,
but you can get around this by reducing the number of ports
you want to scan.

Comments/Suggestions requested.

Regards
-- 
Bradley.
pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc




-- 
Software Developer/Data Management Specialist
Alchemetics Ltd, http://www.alchemetrics.co.uk
pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault