mailing list archives
Re: anyone have any idea on this?
From: David Fifield <david () bamsoftware com>
Date: Wed, 12 Jan 2011 16:17:27 -0800
On Wed, Jan 12, 2011 at 09:05:14PM +0000, mike bickett wrote:
i was curious about something related to nmap. since one has the ability to do a protocol scan (granted, the headers
are empty) with nmap, i was wondering if those same headers left empty could be somehow filled with actual proper
protocol data? what i would like to see in nmap is have the ability to send out the proper payloads for protocols
would this be possible? i understand nmap does not use modules like nemesis did, it instead uses the NSE scripts for
most protocol interraction. i was mentioning this since i have never seen any discussion of using nmap for something
other than basic ICMP/UDP/and TCP scanning. can it be made available for the protocols i have mentioned (and more)?
maybe this is something that should be looked into since i now notice nmap scripts are even migrating to the
multicast level. if any lf this didn't make any sense to the group, i am sorry
Nmap does send proper protocol headers for a small number of selected
protocols (TCP, ICMP, IGMP, UDP, SCTP). If you have headers for other
protocols they are most welcome for discussion. Take a look at the
PS_PROTO case in sendIPScanProbe in scan_engine.cc.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/