-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Developers,
Attached is a patch to report when each individual host started being
scanned and when the host finished. For scans involving just a handful
of hosts (just one hostgroup) the times reported are nearly exactly the
same time as the start and end time of Nmap. The output requires
at least verbosity level 1 and looks like this:
Host gamma.ucsd.edu (132.239.181.229) appears to be up ... good.
Scan of 132.239.181.229 started at 2007-12-22 03:33:06 UTC and ended at 2007-12-22 03:36:12 UTC
Interesting ports on gamma.ucsd.edu (132.239.181.229):
Not shown: 65450 closed ports, 82 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
5959/tcp open unknown
I've also added this data to the XML output on the <host> element like
so:
<host starttime="1198292349" endtime="1198292370">
The DTD has been updated accordingly.
Now, you might be asking yourself "Why is this useful? Doesn't Nmap
already report when it was started and ended?". Yes, Nmap does, but
sometimes it isn't detailed enough for each host. Often I run scans
that either by necessity or design take many hours to finish.
Somewhere in that time, each of thousands of hosts were started,
scanned, and finished. Currently the output isn't explicit enough
about /when/ within that time each individual host was scanned.
This sort of problem is generally only run into scanning very transient
hosts on wireless or VPN networks. I suppose for very long scans even
DHCP networks may require the host time resolution provided in this
patch.
Brandon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHbIthqaGPzAsl94IRAg/FAJ4mmsCoiM9xrWvtmMgPxJa2897wSgCfRbFF
3Y2yJ/NTs6/wwD+VMAjbDEI=
=V/Y9
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Dec 21 2007
Intro
