Nmap Development mailing list archives
Re: Qscan in NSE: qscan.nse
From: Ron <ron () skullsecurity net>
Date: Wed, 17 Mar 2010 21:20:09 -0500
From a quick look, it doesn't appear to work (nothing is output, including errors) against my domain (Skullsecurity.org). There should be a few different groups on it -- ports 22, 23, and 902 all point at different machines here.
On Wed, 17 Mar 2010 21:06:39 -0500 Kris Katterjohn <katterjohn () gmail com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/17/2010 12:39 PM, David Fifield wrote:Doug's patch and documentation are here. http://hcsw.org/nmap/QSCAN http://hcsw.org/nmap/nmap-4.52-qscan.patch The output looks like this. Here port 8080 is being port forwarded. Qscan parameters: round trips: 10, avg delay = 200ms, confidence = 0.95 Target:Port Fam uRTT +/- Stddev Loss% 192.168.1.254:23 A 3.1 +/- 0.1 0 192.168.1.254:25 A 3.1 +/- 0.2 0 192.168.1.254:80 A 3.2 +/- 0.1 0 192.168.1.254:8080 B 4.6 +/- 0.3 0 192.168.1.254:9876 A 3.1 +/- 0.2 0 I agree it would be a good NSE script. We have the mechanism now, with nmap.ip_send to send packets and nmap.get_ports to enumerate all open ports.Luckily I had some of free time this afternoon and got a script written up, attached as qscan.nse. NSEdoc at the top should cover the options and usage, but the rundown on the options are confidence, delay and numtrips just like the original qscan has. Here's the @output from NSEdoc: | qscan: | PORT FAMILY MEAN STDDEV LOSS% | 21 0 0.40 0.52 0.0% | 22 0 0.60 0.52 0.0% | 23 0 0.40 0.52 0.0% | 80 1 0.80 0.42 0.0% |_443 0 0.50 0.53 0.0% Any comments or suggestions are appreciated!David FifieldCheers, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJLoYquAAoJEEQxgFs5kUfuccYQAJSpdusjppFTH8F3YV+07CDI gcu9RxpyZcZGWR7dPb/vI/OX9TypxsPQmEZMTZUatYVcO11I0Ab+pZxmiSr9k33r 21NzFRtYl8D8qmJ8UbCU7iM7eyGtXJlFt6wWOa0875QFiaBz2DlV8NeyXjXa6Mcc 1sr5V3YKY43j0Smord/WPFpMKAPpmCuC/ks1Pf5k/QkE9/0vDKEBgQb+40opvxlK hqKRoBKegOKekHNQTUzkiOJ+O2ZjjKsvKamMVKLkQUBexP9MicvjyTtYsuGvM9fH tet0+x3bzQ+d7DZ/sgIpJoglSUWoqEjquhfGxAU6ys9grY464xRSsASdC+nO5fsb g1YAwFsCgOqsvC9SJAANtTny2/jJ7BBbdgrTEQ72s1x7hUs4K6geyLEem2S6CVEb Kz04BXT/j1fnMb854B1ViiyotT4psu1mK90c3DGQOpxo9OT/v5ltqGShT0+oCw93 2VJCcTXHJC0EhcrooNhAfgODxhVe+zve5RwnsBGn/2ZsFsMkJsr80/GdN5fzUOuP uTAphHsfs8vtgR2dIInHFn8sGY1zkVVUdi5h+CI2frmonUiYfZpsydEopfslKyJh JRkU1qUoq5Xrl+9NZhev9y5EzXsYMSgF9KSDuB+ofy8CQhG0k2cj5I2FyVXB2SFC +Z3Ad2rneQFeRM+vC99R =b2a+ -----END PGP SIGNATURE-----
-- Ron Bowes http://www.skullsecurity.org http://www.twitter.com/iagox86 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] script idea: identify ports behind a NAT Ron (Mar 17)
- Re: [NSE] script idea: identify ports behind a NAT jah (Mar 17)
- Re: [NSE] script idea: identify ports behind a NAT DePriest, Jason R. (Mar 17)
- Re: [NSE] script idea: identify ports behind a NAT David Fifield (Mar 17)
- Re: [NSE] script idea: identify ports behind a NAT Kris Katterjohn (Mar 17)
- Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
- Re: Qscan in NSE: qscan.nse Ron (Mar 17)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
- Re: Qscan in NSE: qscan.nse Ron (Mar 18)
- Re: Qscan in NSE: qscan.nse Fyodor (Mar 20)
- Re: Qscan in NSE: qscan.nse Ron (Mar 19)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 19)
- Re: Qscan in NSE: qscan.nse David Fifield (Mar 20)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 21)
- Re: [NSE] script idea: identify ports behind a NAT jah (Mar 17)
- Re: Qscan in NSE: qscan.nse Arturo 'Buanzo' Busleiman (Mar 20)
- Re: Qscan in NSE: qscan.nse Arturo 'Buanzo' Busleiman (Mar 18)
- Re: Qscan in NSE: qscan.nse doug (Mar 20)