Security Basics mailing list archives
RE[4]: Finding web servers with nmap
From: Denis <da_shestakov () myrealbox com>
Date: Fri, 09 Dec 2005 15:18:58 +0200
Hi, Thanks all for the answers! Suggestions for discovery web servers (I define a web server as a host with open port 80 serving http and, particularly, do not care about other ports) in some IP range were using the following tools: WotWeb nmap Acunetix web scanner amap The WotWeb program seems the best tool for the task I have. However, I wonder how the process of identifying whether http service is listening on a port or not happens. Is it sending probes like "HEAD / HTTP/1.0" or something less trivial? May I be sure that I do not miss any host with publicly available web server on it when scanning with the WotWeb some IP range (of course suppose that network,DNS,etc. are fine)? nmap can be also used for that with the options (additionally, these non-essential for my task options may be added - -v, -n, -T5 or -T4, -sV): #nmap -v -sT -P0 -p 80 -oG your.log -iL x.x.0-255.0-255 or the same but with -sS instead of -sT #nmap -v -sS -P0 -p 80 -oG your.log -iL x.x.0-255.0-255 So, what would be better - running with -sT (faster) or with -sS? Then, does -P0 option when performing sequential scan of large IP ranges prevent the appearance of my machine in a list of compromised or infected hosts? -- BR, Denis mailto:da_shestakov () myrealbox com
Current thread:
- RE: Re[2]: Finding web servers with nmap, (continued)
- RE: Re[2]: Finding web servers with nmap Burton Strauss (Dec 02)
- Re: Finding web servers with nmap Robin Keir (Dec 01)
- Re: Finding web servers with nmap Jeffrey F. Bloss (Dec 05)
- RE: Re[2]: Finding web servers with nmap Burton Strauss (Dec 02)
- RE: Finding web servers with nmap Jonathan Loh (Dec 02)
- Re: Finding web servers with nmap Gaddis, Jeremy L. (Dec 05)
- Re: Finding web servers with nmap Balaji Prasad (Dec 06)
- RE: Finding web servers with nmap tom . farrar (Dec 02)
- RE: Finding web servers with nmap Jonathan Loh (Dec 05)
- Re: Finding web servers with nmap y0 (Dec 02)
- RE: Finding web servers with nmap Steve McLaughlin (Dec 07)
- RE[4]: Finding web servers with nmap Denis (Dec 12)