Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

RE: some nmap tools
From: "Hasnain Atique" <hatique () hasnains com>
Date: Mon, 8 Dec 2003 23:42:57 +0800
evaluating.  Do you 
have anything written to output to a file, like a mysql 
insert script, 
that could be copied to another host?


It's trivial to output the SQL statements to an external file from
inside nmapsql. Actually, now that you've brought it up, may be I'll add
it as a standard feature. 


Can you explain the table structure and how the data is stored (or 
point me to somewhere it is detailed)?   I am not sure I am 
getting it 
and I did not find specifics of it on the website of the DB 
design.   I 


The README.sql file included in the nmapsql package has a brief
description of each table. I created a Relationship diagram using MS
Access on the nmaplog database. This should be more illuminating. It's
attached to this email in PDF format. 


looked at the code and some of included items and had to infer the 
rest.  I just don't understand how the Version scanning (-sV) 
is stored 
in the DB.  -A is "All" (more or less) which includes OS 
detection (-O) 
and Version scanning (-sV) with the default Connect scan (-sT).


Nmap 3.48 uses -A for "additional advanced and aggressive" options. To
simplify, yes it enables -sV and -O. The results are stored in the
portstat table. Result of -O is stored in portstat.os_guessed. Output of
-sV stored in portstat.fullversion.


Please don't take me wrong.  I think it is a good patch, I am 
just not 
sure it will scale for what I need.  I have looked at a lot 


Don't worry. Been there, done that. Scalability, however, depends
largely on how you deploy the solution. MySQL is the only component in
this picture needing scalability, and I doubt anyone will doubt it's
scalability for something like this. 

-- Hasnain

Attachment: Relationships for nmaplog static data.pdf
Description: 

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]