Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: Nmap Issues/ Suggestoins / Question

Re: Nmap Issues/ Suggestoins / Question

From: Fyodor <fyodor_at_insecure.org>
Date: Fri, 9 Mar 2007 18:18:56 -0800

On Fri, Mar 09, 2007 at 08:05:58PM -0600, Alan Jones wrote:
>
> -- It would be really really nice if Nmap would report all IP addresses
> that a name resolves to not just one address. What If I wanted to know
> the second address (or 3rd) address so I could scan that?

Hi Alan! Perhaps you are right that Nmap should report the other
non-scanned addresses (at least in the XML or in verbose mode). But
for now, 'host' does the trick pretty easily:

flog> host microsoft.com
microsoft.com has address 207.46.197.32
microsoft.com has address 207.46.232.182

> --The problem I had though was Nmap said it would scan the address it
> reported and resolved from the name of the two but it did not finish the
> scan and report anything.

Hmmm ... it certainly should finish! We would need more details to investigate.

> 2. I was curious if there were any guesses on 4.21 Alpha 2 binaries
> would be released along with newer OS and Services Signatures?

Within a week, I hope! I've been doing submission integration
constantly over the last few days and have checked my latest updates
into SVN. I am currently working on submission #252 out of 1,014 and
I'm trying to do at least 100-200 per day.

> 3. If a scan reports a service running that Nmap does not know about
> what is the best way to try and trace down what that service might be so
> I can send in an accurate fingerprint (on a Windows box)?

Maybe someone else can give good advice on this one.

> 4. When scanning things like our Ricoh MFPs (multi-function printers)
> nmap reports several services it does not recognize. However that is
> all part of the propriety configuration of the machine. Is there
> anything I could send in to help with these to to help others when they
> are scanning their network?

If the output contains confidential information, you can 'x' that out
and put a clear description of what you have done in the summary
field. Be sure to put one 'x' per character you remove so the
alignment isn't affected in a bad way. Or you can create, test, and
send a new signature. Instructions are at
http://insecure.org/nmap/vscan/ .

I did receive your Ricoh OS fingerprint submissions (not all integrated
yet). Thanks!

Cheers,
Fyodor

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Mar 09 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]