Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

Re: Missing XML scaninfo entity for ping scan
From: Fyodor <fyodor () insecure org>
Date: Sun, 30 Jan 2005 21:03:34 -0800
On Fri, Jan 07, 2005 at 12:12:57PM -0000, Martin O'Neal wrote:


When running a ping scan (echo, mask, timestamp) and nothing else, the
scaninfo xml entity doesn't get included, so you have no idea (without
analysing the args in the nmaprun entity) what the scan was.

Can the scaninfo entity be included for all scanning?


The scaninfo element is printed once for each type of port scan
conducted.  So you get two of them if you do a SYN and UDP scan, each
of which tells what ports the respective scan is testing.  A ping-only
scan does not print any scaninfo lines, because that doesn't really
count as a port scanning technique.  Perhaps there should be a
pinginfo line, breaking down what types of pings were used.  I suspect
a lot of people would like to see the ping results in that element as
well.  Nmap currently does not tell which ping types elicited a
response unless you use --packet_trace.

Cheers,
Fyodor

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]