Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] firewalk-path script
From: David Fifield <david () bamsoftware com>
Date: Mon, 21 Feb 2011 19:00:23 -0800

On Mon, Jan 17, 2011 at 11:59:40AM +0100, Henri Doreau wrote:

here is an updated version of the script. I initially wanted to add a
way for the user to supply the ports to probe. I thought about direct
specification of ports ranges through --script-args but this can
already be achieved using -p <ports> and that would have been somehow

If the real aim of firewalking fewer ports than every filtered ones is
to reduce the execution time, then just using a limit of ports to
probe would be better. I have seen that qscan.nse uses this solution
with qscan.numopen and qscan.numclosed.

This second version simply offers a max-probed-ports argument and
makes use of stdnse.get_timespec() to parse timing options.

Hi Henri, I took this more recent script and renamed it over the
previous firewalk.nse. The feature of automatically identifying the
gateways that are dropping packets is so useful that I think it will be
the more common behavior.

If you would like to, you can restore the .ttl and .gateway arguments
that would cause the script to work as it did before.

David Fifield
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]