Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: LAN/WAN Configuration Management

Re: LAN/WAN Configuration Management

From: Fyodor <fyodor_at_insecure.org>
Date: Wed, 5 Oct 2005 00:30:57 -0700

On Tue, Oct 04, 2005 at 11:45:58PM +0200, Ole Morten Grodås wrote:
>
> The main problem is the time delay before nmap prints the results to the XML
> output. This is making the application less interactive than it could have
> been. Users might also get the impression that nmap is a slow scanner. For
> example it would have been a great improvement if the result tree was
> updated dynamically as nmap got the results.

Good point. One option is to show the Nmap output in verbose mode
while it runs, that way users can see what is going on, estimated time
of completion, new open ports as they are discovered, etc. Another
option is to print an XML output line when a new port is discovered
open or a new host found up. The XML format used to have such a
feature, but it was removed during the port scanner rewrite since few
applications used it and it would have needed to be modified to print
the target IP on each line since the port scanner now handles multiple
targets at once. I would probably integrate a patch to return the
functionality if someone sends me one. The patch would have to update
the DTD as well as the code.

> >From a GUI or "interactiv" point of view the current xml output method is
> kind of a problem. At least when I am scanning a network I want information
> as soon as it is available.

Except for the verbose mode port state notes and completion time
estimates, which aren't enabled by default in Nmap, XML is generally
spit out at the same time as with normal output. The advantage of
waiting a little longer is that it allows Nmap to sort the data and
present it all together

> I agree with Nils Magnus that we should try to avoid adding unnecessary
> complexity to nmap.

No arguments here :).

> prints results I think it would be a good Idea to separate the scanner from
> the way the results are displayed.

Yeah, that is why I haven't added features such as "output to
database" and "output to HTML". It is better to let people convert
from the XML to these.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Received on Oct 05 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos