RE: wide-scan?

[Dion Stempfley <Dion () riptech com>]

Unfortunately, it's not called anything, and I never got to the point of
publishing.  I will dig out the code and see if I can get it to you.  

Dion

-----Original Message-----
From: 'Bradley Kite'
To: Dion Stempfley
Cc: nmap-dev () insecure org
Sent: 6/10/2002 1:55 PM
Subject: Re: wide-scan?

Dion,

Well ideally I am trying to do 2 things: wide scan, and log to a
postgres
database. The logging is to be done serially to get around the memory
requirements for storing thousands of host records, and logging direct
to a database means that the data is more readily accessable and
updateable,
(its mainly for work so that I know if people are running unauthorised
servers or been trojanded etc...)

What is the scanner that you wrote called, and where can I download it
if its publically available?

--
Regards
Bradley


On Mon, Jun 10, 2002 at 10:58:39AM -0400, Dion Stempfley wrote:
> From: Dion Stempfley <Dion () riptech com>
> To: "'Bradley Kite'" <bradley () deathsgate demon co uk>,
nmap-dev () insecure org
> Subject: RE: wide-scan?
> Date: Mon, 10 Jun 2002 10:58:39 -0400
> X-Mailer: Internet Mail Service (5.5.2653.19)
>
> I looked at this for a while last year.  After about 3 weeks of
banging my
> head, I decided that adding an option to nmap was too much of a change
to
> feel comfortable about the stability and maintainability of the end
product.
> I wrote a different scanner, stealing heavily from nmap of course:)  
>
> Do you intend to finish the entire block of hosts for a specific port
before
> moving to another port?  If so, you may need to keep several thousand
host
> records and results in memory before outputting them.  You would
probably
> lose the ability to resume a scan, since you don't have any partial
output
> to recover from.  Maybe a different output format could accommodate
the
> change to address some of these issues, but I didn't go down that
route
> originally.  For my scanner, I decided that by changing the output to
stream
> results instead of reporting by host, I would reduce the overall
memory
> requirements.  
>  
> Good luck,
>
> Dion
>
> > -----Original Message-----
> > From: Bradley Kite [mailto:bradley () deathsgate demon co uk]
> > Sent: Saturday, June 08, 2002 12:44 PM
> > To: nmap-dev () insecure org
> > Subject: wide-scan?
> >
> >
> > Hi everybody.
> >
> > I'm considering adding a 'wide-scan' option to nmap,
> > so that instead of scanning all ports on each host,
> > then moving to the next host (a deep scan) it will
> > scan port 1 on all hosts, and then move to port 2
> > (well it will actually move through the user-supplied
> > port list but you get my meaning...)
> >
> > I think that it will provide increased paralellism(?)
> > when scanning a lot of hosts with paranoid (-T) timing options
> > because while you are waiting, you can scan other hosts.
> >
> > The down side is that it will require a lot more memory,
> > but you can get around this by reducing the number of ports
> > you want to scan.
> >
> > Comments/Suggestions requested.
> >
> > Regards
> > -- 
> > Bradley.
> > pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc

-- 
Software Developer/Data Management Specialist
Alchemetics Ltd, http://www.alchemetrics.co.uk
pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).