Actually, I think it makes more sense to leave stuff *out* of nmap that is
already trivially available (host -l?) lest nmap become fat. Attempting a
zone transfer of a domain is a sure-fire way to draw attention to yourself
if the other side's hostmaster has two brain-cells to rub together.

-----Original Message-----
From: johann sebastian bach [mailto:jsb4ch_at_hotmail.com]
Sent: Thursday, February 04, 1999 10:03 PM
To: nmap-hackers_at_insecure.org
Subject: Re: nmap-2.03 DNS address scanner

cool. someone should do a better implementation that doesn't use
gethostbyaddr() (maybe use res_mkquery(), and send multiple queries at a
time...) determining hosts are *UN*resolvable takes a long time, and
going serially is very slow.

another cool thing to add to nmap might be DNS AXFR query capability
(have it transfer all the ip addresses in the zone and then scan them or
whatever) so that you could scan based on domain and not ip address, or
bypass firewalls (maybe in a very obscure case :)))

Received on Feb 05 1999
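
The reply's point that a zone transfer attempt is easy for a hostmaster to notice, shown as an added example that is not part of either post and is not nmap code: a small parser that reads the question section of captured DNS queries and flags AXFR/IXFR requests from sources that are not known secondaries. The function names, the allowed-secondaries set, and the sample traffic (RFC 5737 documentation addresses, example.com) are assumptions constructed for illustration.

```python
import struct

AXFR, IXFR = 252, 251  # QTYPE values (RFC 1035, RFC 1995)

def build_query(name, qtype, qid=0x1234):
    """Constructed sample input: a minimal one-question DNS query."""
    header = struct.pack("!HHHHHH", qid, 0x0000, 1, 0, 0, 0)
    labels = b"".join(bytes([len(l)]) + l.encode("ascii")
                      for l in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_question(msg):
    """Return (qname, qtype) of the first question, or None if malformed."""
    if len(msg) < 12:
        return None
    _id, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if flags & 0x8000 or qdcount < 1:    # QR bit set means a response
        return None
    pos, labels = 12, []
    while True:
        if pos >= len(msg):
            return None
        n = msg[pos]
        pos += 1
        if n == 0:                        # root label ends the name
            break
        if n > 63 or pos + n > len(msg):  # compression pointer or truncated label
            return None
        labels.append(msg[pos:pos + n].decode("ascii", "replace"))
        pos += n
    if pos + 4 > len(msg):
        return None
    qtype, _qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return ".".join(labels).lower() + ".", qtype

def flag_transfers(queries, allowed_secondaries):
    """queries: iterable of (src_ip, raw_message). Returns (src_ip, zone, kind) alerts."""
    alerts = []
    for src, raw in queries:
        q = parse_question(raw)
        if q and q[1] in (AXFR, IXFR) and src not in allowed_secondaries:
            alerts.append((src, q[0], "AXFR" if q[1] == AXFR else "IXFR"))
    return alerts

# Constructed traffic, not captured from any real network.
SAMPLE = [
    ("192.0.2.10", build_query("www.example.com", 1)),   # ordinary A lookup
    ("192.0.2.53", build_query("example.com", AXFR)),    # configured secondary
    ("203.0.113.7", build_query("Example.COM", AXFR)),   # unexpected source
    ("203.0.113.7", b"\x12\x34\x00"),                    # truncated message
]
```

Zone transfers run over TCP, where each message is preceded by a two-byte length; strip that prefix before passing the message to `parse_question`.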