Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [FEATURE] Multible scan options in the same run
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 10 Dec 2013 20:32:52 -0600

Just realized that I fell victim to "overscanning" myself here. The
Nmap command should use -Pn -n, since you probably don't want to run
this on a host that's not confirmed up, and there's no point in
re-accomplishing the reverse DNS lookup. Just an example.

Dan

On Tue, Dec 10, 2013 at 11:03 AM, Daniel Miller <bonsaiviking () gmail com> wrote:
On 12/10/2013 08:02 AM, John Bond wrote:

Hello All,

d33tah just made a comment in IRC that it would be useful to run
multiple TCP scan options in the same run and have all results shown.
  Something a bit like the following example.


nmap -sA -sT -sI -sF -sW -p 22 localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2013-12-10 14:54 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000089s latency).
PORT   STATE(sA)  STATE(sT) STATE(sI) STATE(sF)   STATE(sW)  SERVICE
22/tcp   unfiltered      open          unknown    open|filtered
closed          ssh

Nmap done: 1 IP address (1 host up) scanned in 0.04 second

This would be very useful for working out the best scan type for a
specific network or device and would love to see it implemented.

John

I would not discourage someone from attempting to implement this, but I
wouldn't recommend using it. When I try to help someone with an Nmap scan,
the most common thing I end up doing is *removing* parts of their scan. I
feel that an Nmap scan should be targeted to the kind of information that is
desired, and that when people complain about Nmap's slowness, it is because
they are trying to do too much (e.g. -A, --script all, etc.) at once.

Some considerations for the implementer:
* How will NSE portrules work when the port is in multiple states?
* How can this be made better than a shell script that runs each type in
sequence?

Example Perl script is attached.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault