Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: anyone have any idea on this?
From: David Fifield <david () bamsoftware com>
Date: Wed, 12 Jan 2011 16:17:27 -0800

On Wed, Jan 12, 2011 at 09:05:14PM +0000, mike bickett wrote:

i was curious about something related to nmap. since one has the ability to do a protocol scan (granted, the headers 
are empty) with nmap, i was wondering if those same headers left empty could be somehow filled with actual proper 
protocol data? what i would like to see in nmap is have the ability to send out the proper payloads for protocols 
like CDP/EIGRP/PIM/etc
would this be possible? i understand nmap does not use modules like nemesis did, it instead uses the NSE scripts for 
most protocol interraction. i was mentioning this since i have never seen any discussion of using nmap for something 
other than basic ICMP/UDP/and TCP scanning. can it be made available for the protocols i have mentioned (and more)? 
maybe this is something that should be looked into since i now notice nmap scripts are even migrating to the 
multicast level. if any lf this didn't make any sense to the group, i am sorry

Nmap does send proper protocol headers for a small number of selected
protocols (TCP, ICMP, IGMP, UDP, SCTP). If you have headers for other
protocols they are most welcome for discussion. Take a look at the
PS_PROTO case in sendIPScanProbe in scan_engine.cc.

David Fifield
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]