Nmap Development mailing list archives

RE: wishlist item: paralellized list scan
From: "Craig Humphrey" <Craig.Humphrey () chapmantripp com>
Date: Thu, 30 Sep 2004 13:01:36 +1200

I wrote some Perl scripts for doing bulk DNS grinding.  I think I've
still got them somewhere...  You could set how many threads to use.  If
I can find them, do you want a copy?  They're fairly basic.

[background]
I wanted to put a block on all ADSL users for an ISP since we were
getting an excessive amount of noise from them.
I knew the pattern an ISP used for their ADSL DNS entries, but because
they didn't have one contiguous IP address space, I had to grind their
DNS space, generating IP lists, which I converted to ranges that I could
block.

Normally you can get whois to return enough info for getting IP ranges,
but they'd sublet parts of their blocks to customers and their ADSL
ranges were scattered about... Fun.

Some places now "mark" their IP ranges for particular uses (e.g.
ADSL/cable/dial-up "dynamic" users, as opposed to "static"
clients/services).

Later'ish
Craig


-----Original Message-----
From: Alan Jenkins [mailto:sourcejedi () phonecoop coop] 
Sent: Thursday, September 30, 2004 8:17 AM
To: nmap-dev () insecure org
Subject: wishlist item: paralellized list scan

The list scan, nmap -sL, doesn't run in parallel - only one DNS query runs at
a time.  It is potentially useful to be able to scan a large network
address space for machines with a registered hostname.

Is this technically feasible?
Would it be too much work to implement in nmap?

A little research suggests that nmap uses gethostbyaddr, which blocks until
the host is resolved - and that therefore it would be necessary to send dns
requests manually - perhaps after first looking in /etc/hosts (assuming using
multiple threads or processes is not really an option)

Does anyone know a tool capable of doing this already?

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org
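
Added example, not part of the original thread and not the Perl scripts mentioned above: a sketch of the workflow the reply describes, running the blocking reverse lookups in a thread pool, keeping addresses whose PTR name matches a known naming pattern, and collapsing them into CIDR ranges for a block list. The `adsl-...example.net` pattern, the documentation address ranges and `fake_resolver` are constructed assumptions so the block runs offline.

```python
import ipaddress
import re
import socket
from concurrent.futures import ThreadPoolExecutor


def ptr_lookup(ip):
    """Blocking reverse lookup (gethostbyaddr); returns the name or None."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # covers socket.herror / socket.gaierror (no PTR, timeout)
        return None


def grind(networks, pattern, resolver=ptr_lookup, workers=32):
    """Resolve every address in `networks` in parallel; return the
    addresses (as strings) whose PTR name matches `pattern`."""
    regex = re.compile(pattern, re.IGNORECASE)
    addrs = [str(ip) for net in networks for ip in ipaddress.ip_network(net)]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        names = pool.map(resolver, addrs)  # results come back in input order
        return [a for a, n in zip(addrs, names) if n and regex.search(n)]


def to_ranges(hits):
    """Collapse single addresses into the smallest sorted set of CIDR blocks."""
    nets = (ipaddress.ip_network(h) for h in hits)
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def fake_resolver(ip):
    """Constructed PTR data standing in for real DNS (hypothetical zone)."""
    addr = ipaddress.ip_address(ip)
    dynamic = ("192.0.2.64/26", "198.51.100.8/30")
    if any(addr in ipaddress.ip_network(n) for n in dynamic):
        return "adsl-" + ip.replace(".", "-") + ".example.net"
    if addr in ipaddress.ip_network("192.0.2.0/28"):
        return "mail%d.example.net" % (int(addr) & 0xFF)
    return None  # no PTR record


if __name__ == "__main__":
    hits = grind(["192.0.2.0/24", "198.51.100.0/28"],
                 r"^adsl-\d+-\d+-\d+-\d+\.example\.net$",
                 resolver=fake_resolver)
    for block in to_ranges(hits):
        print(block)
```

Dropping the `resolver=` argument uses the system resolver; keep `workers` modest so the lookups do not flood the upstream DNS server.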



