Re: Question on --version-intensity and -sR interaction
From: Fyodor <fyodor () insecure org>
Date: Fri, 4 Mar 2011 17:51:11 -0800

On Fri, Mar 04, 2011 at 06:12:40PM -0600, Daniel Miller wrote:
> which seems to contradict what you said about only if they are
> detected as "rpcbind."

Well, the "only if detected as rpcbind" behavior is only true if
version detection is requested. With just -sR, Nmap does as the man
page suggests and sends a bunch of probes to every port.

My feeling is that we should probably remove the -sR option, but keep
RPC grinding as a part of version detection. Even the Nmap man page
acknowledges that "As version detection includes this and is much more
comprehensive, -sR is rarely needed". Even if all you need is RPC
grinding, -sV is generally more efficient since it does the "is this
service even RPC?" check first.

Does anyone here use -sR without version detection (-sV or -A)?

Removing command-line arguments is less popular than adding them, but
it's something we need to do to keep Nmap (and its documentation) from
getting too bloated and confusing. So unless we hear from folks here
who really like having -sR by itself, I think we'll undocument it.
For compatibility, we'll probably make it an alias for -sV and print a
warning that it is deprecated.

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/