Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Nmap Development: Re: Feature Request: --update

Re: Feature Request: --update

From: Andreas Ericsson <ae_at_op5.se>
Date: Fri, 19 Jan 2007 15:34:52 +0100

Kris Katterjohn wrote:
> Hari Sekhon wrote:
>> I would very much like it if nmap could update it's signature database
>> for fingerprinting remote hosts.
>>
>> For example
>>
>> nmap --update
>> fetching latest fingerprints....
>> done
>>
>> I have been using nmap for a few years and to my knowledge this isn't a
>> current feature (please correct me if I am wrong. I also just did "nmap
>> --help|grep update" and got nothing).
>> When using an older nmap it fails to fingerprint systems as well as a
>> modern nmap. I'm currently using nmap 4.20.
>>
>> The reason I ask for this feature is not because I'm too lazy to upgrade
>> to the latest version but because on livecds and such you are sometimes
>> using old versions on nmap and it would be excellent if you could just
>> nmap --update and get the latest sigs. For example, Knoppix STD has nmap
>> 3.48 on it and rather than installing a new nmap every time you reboot,
>> it would be better to just nmap --update && nmap [options] target.
>>
>> Really nmap --update could do a lot more than just sigs, but also
>> nmap-service-probes and other nmap-* files in /usr/share/nmap or
>> /usr/local/share/nmap, perhaps even upgrading the whole thing in place
>> including the nmap binary so the second run is using a fully updated
>> nmap! (but that really is up to you if you wanted to be that nice -
>> however that would be Awesome. )
>>
>> I know that the fingerprint db has recently been changed but I'm not
>> sure how this affects this feature request.
>>
>>
>> Thanks for reading.
>>
>> -h
>>
>
> I've actually slowly been playing with something like this. I got the
> idea from ettercap --update. My thing semi-works but I never seem to be
> able to mess with it for more than a minute or two at a time. Something
> also seems to happen right after I open it, so I thought the Universe
> was trying to give me a hint :) Mine updates all the nmap-* files.
>
> But yeah, if anybody else wants to do this instead that'd be great.
>

pciutils have a similar functionality, but implemented as a separate
script. I can't help but feel that this would be much better than
adding some ftp/http/whatnot capabilities to the nmap core. 

-- 
Andreas Ericsson                   andreas.ericsson_at_op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Jan 19 2007
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]