Security Basics mailing list archives
Re: Query: NMAP and Multiple Tier Network Discovery
From: "Jason Ross" <algorythm () gmail com>
Date: Wed, 6 Aug 2008 13:28:47 -0400
On Wed, Aug 6, 2008 at 8:46 AM, william fitzgerald <wfitzgerald () tssg org> wrote:
> Dear Experts,
>
> Can NMAP map and traverse multiple networks with a single enterprise?
>
> I am looking for a nice open source network discovery tool that can
> discover hosts and their services within an enterprise/corporate
> environment.
>
> Example enterprise network topology:
>
> GatewayFirewall --> DMZ Servers --> Tier2-Firewall --> Application
> Servers --> Tier3-Firewall --> Databases --> Corp-LAN
>
> It would be handy to use a tool to traverse the network (including
> firewalls and routers) to map out the entire network for host types and
> service they run.
>
> Presumably all firewalls in the enterprise network would have rules to
> permit the dedicated host running nmap.
>
> Is NMAP capable of this if it's only hosted/running in a single tier or
> should I be looking at: multiple instances of nmap or another tool
> (www.netdisco.org/) or a combination of tools.
Maybe I'm missing some subtlety in the problem, but if you can
summarize the different networks, you can scan them all from a single
nmap instance:

    TARGET SPECIFICATION:
      Can pass hostnames, IP addresses, networks, etc.
      Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
      -iL <inputfilename>: Input from list of hosts/networks
      -iR <num hosts>: Choose random targets
      --exclude <host1[,host2][,host3],...>: Exclude hosts/networks
      --excludefile <exclude_file>: Exclude list from file

That said, if all you're attempting to do is enumerate hosts, there
may be better tools to accomplish this ... scanrand comes to mind.
It'd allow for summarizing similarly to nmap, but may provide better
results dealing with large numbers of hosts.

--
Jason
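
Added example, not part of the original post: a pre-scan scope check that expands the CIDR and octet-range target syntax quoted above into address counts per tier, removes excluded addresses, and flags tiers whose ranges overlap. The tier names, ranges and excluded firewall addresses are constructed for illustration; hostnames are not resolved.

```python
import ipaddress
from itertools import product

def expand_octet(spec):
    """Expand one octet field ('7', '1-254', '1,3,7-9', '-') into a set of ints."""
    values = set()
    for part in spec.split(","):
        lo, sep, hi = part.partition("-")
        if sep:
            lo, hi = int(lo or 0), int(hi or 255)  # open ends default to 0 / 255
        else:
            lo = hi = int(part)                    # ValueError on an empty field
        if not 0 <= lo <= hi <= 255:
            raise ValueError(f"bad octet range: {part!r}")
        values.update(range(lo, hi + 1))
    return values

def expand_target(spec):
    """Return the set of IPv4 addresses one target spec covers (no DNS lookups)."""
    if "/" in spec:
        # Every address in the block is counted, network and broadcast included.
        return set(ipaddress.IPv4Network(spec, strict=False))
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 spec (hostnames are not handled): {spec!r}")
    return {ipaddress.IPv4Address("%d.%d.%d.%d" % combo)
            for combo in product(*(sorted(expand_octet(o)) for o in octets))}

def plan_scope(tiers, excludes=()):
    """Return ({tier: address_count}, {(tier_a, tier_b)}) after applying excludes."""
    excluded = set()
    for spec in excludes:
        excluded |= expand_target(spec)
    owner, counts, overlaps = {}, {}, set()
    for tier, specs in tiers.items():
        addrs = set()
        for spec in specs:
            addrs |= expand_target(spec)
        addrs -= excluded
        counts[tier] = len(addrs)
        for addr in addrs:
            first = owner.setdefault(addr, tier)
            if first != tier:                      # same address listed in two tiers
                overlaps.add((first, tier))
    return counts, overlaps

# Constructed tier layout and firewall addresses (not from the original thread).
TIERS = {"dmz": ["192.168.10.0/24"], "app": ["192.168.20.1-50"],
         "db": ["192.168.30.10,20,30"], "corp-lan": ["10.0.0-3.1-254"]}
EXCLUDES = ["192.168.10.1", "10.0.0.1"]

if __name__ == "__main__":
    counts, overlaps = plan_scope(TIERS, EXCLUDES)
    for tier, n in counts.items():
        print(f"{tier:10} {n:6} addresses")
    print("overlapping tiers:", sorted(overlaps) or "none")
```

The same per-tier specs can then go, one per line, into the file passed to -iL, with the excluded addresses in the file passed to --excludefile.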