mailing list archives
Re: some nmap tools
From: MadHat <madhat () unspecific com>
Date: Sun, 7 Dec 2003 22:24:21 -0600
On Dec 7, 2003, at 8:06 PM, Hasnain Atique wrote:
That's easily done, too. If you have a local nmap box in each location,
they can have their local nmapsql instances which you can collect and
consolidate into the central db. This would definitely save you the
outrageous bandwidth required to complete the scan. You'll fire up a
storm on each subnet, but not snowstorm the WAN links.
Yeh, but I am not sure all my boxes will be beefy enough to each have
an mysql instance and do the scanning. I am still evaluating. Do you
have anything written to output to a file, like a mysql insert script,
that could be copied to another host?
Also with the DB design, from the last
time I looked at it, it did not allow for Version scanning and I plan
on adding that is very soon. I am presently tweaking the
nmap-service-probes for my needs and environment.
I'm assuming by "Version scanning" you're referring to the -A option in
nmap 3.48. If so, nmapsql completely supports that. If nmap can find
version, nmapsql will log it.
Can you explain the table structure and how the data is stored (or
point me to somewhere it is detailed)? I am not sure I am getting it
and I did not find specifics of it on the website of the DB design. I
looked at the code and some of included items and had to infer the
rest. I just don't understand how the Version scanning (-sV) is stored
in the DB. -A is "All" (more or less) which includes OS detection (-O)
and Version scanning (-sV) with the default Connect scan (-sT).
Please don't take me wrong. I think it is a good patch, I am just not
sure it will scale for what I need. I have looked at a lot of the nmap
based tools and none seemed to do exactly what I needed, which is why I
wrote these scripts. But I have used many of them in different
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List archive: http://seclists.org