Security Basics mailing list archives

Re: NMAP


From: Yaniv Shaked <yaniv () shaked org>
Date: Fri, 22 Jun 2012 23:17:59 +0200

Alright, so what do you mean "active hosts"?
Nmap knows a lot of ways to get this done. What are these hosts?
Are these a bunch of servers at a DMZ which simply answer to a ping?
nmap -PE -sn 192.168.0.0/24

The -PE tells nmap to do a host discovery with "Ping Echo" (Regular ping)
The -sn tells nmap to stop running after the host discovery; without
it, it would run its default port scan on the live hosts (the first
rule of nmap: if you don't tell it not to do it, it'll do it).

If these computers don't reply to a Ping, but they are in your LAN,
you could probably do:
nmap -PR -sn 192.168.0.0/24

It'll just send ARPs to each computer; any computer that answers
the ARP request, nmap will know is alive.

There are some times that these computers you're about to scan are not in
your LAN and do not reply to a Ping. Now you need to be more creative.
Added here is the relevant text from nmap -h (bolded the super-relevant):

HOST DISCOVERY:
  -sL: List Scan - simply list targets to scan
  -sn: Ping Scan - disable port scan
  -Pn: Treat all hosts as online -- skip host discovery
  -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO[protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  --dns-servers <serv1[,serv2],...>: Specify custom DNS servers
  --system-dns: Use OS's DNS resolver
  --traceroute: Trace hop path to each host

You can choose your own ports to scan for each one (TCP SYN on 80,
8080, 443, 5589 etc.) or just leave it empty (-PS) to let nmap try its
default ports.

Enjoy!

On Fri, Jun 22, 2012 at 10:09 PM, <flanny16 () gmail com> wrote:
I am a little rusty on my nmap skills from previous experience and googled around to no avail.

I want to scan subnet for "active" hosts.

I use zenmap on my linux box and run

nmap -sL 192.168.0.0/24 but I get a list of clients.
How do I export that to something tangible? I was able to save it to xml format but then what :)

any feedback appreciated or other network scan suggestions.

thanks,
GMF

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

-- 
Thanks,
Yaniv
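A way to get something tangible out of the XML the original poster mentioned saving (example added here, not from the thread or from the nmap project; the XML below is a constructed sample in the shape `nmap -oX` writes, not real scan output):

```python
# Turn an nmap XML report (nmap -oX) into a list of live hosts: keeps only
# <host> elements whose <status> is "up" and records the address, the MAC
# (present when nmap saw one, e.g. after an ARP scan with -PR), any reverse-DNS
# name, and the reason nmap gives for calling the host alive.
import xml.etree.ElementTree as ET

# Constructed sample in the shape nmap -oX writes; not real scan output.
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -PR -sn -oX scan.xml 192.168.0.0/24">
  <host><status state="up" reason="arp-response" reason_ttl="0"/>
    <address addr="192.168.0.1" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac" vendor="ExampleCo"/>
    <hostnames><hostname name="gw.lan" type="PTR"/></hostnames></host>
  <host><status state="down" reason="no-response" reason_ttl="0"/>
    <address addr="192.168.0.2" addrtype="ipv4"/><hostnames/></host>
  <host><status state="up" reason="echo-reply" reason_ttl="64"/>
    <address addr="192.168.0.10" addrtype="ipv4"/><hostnames/></host>
</nmaprun>"""


def live_hosts(xml_text):
    """Return [(ip, mac, hostname, reason)] for every host nmap marked "up"."""
    root = ET.fromstring(xml_text)
    result = []
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # down/unknown hosts are skipped
        ip = mac = None
        for addr in host.findall("address"):
            if addr.get("addrtype") in ("ipv4", "ipv6"):
                ip = addr.get("addr")
            elif addr.get("addrtype") == "mac":
                mac = addr.get("addr")
        name_el = host.find("hostnames/hostname")
        name = name_el.get("name") if name_el is not None else None
        result.append((ip, mac, name, status.get("reason")))
    return result


def to_csv_lines(hosts):
    """Render the host list as CSV rows (header first) for a spreadsheet/inventory."""
    lines = ["ip,mac,hostname,reason"]
    for ip, mac, name, reason in hosts:
        lines.append(",".join([ip or "", mac or "", name or "", reason or ""]))
    return lines


if __name__ == "__main__":
    print("\n".join(to_csv_lines(live_hosts(SAMPLE_XML))))
```

Read a real report with `live_hosts(open("scan.xml").read())`; the `reason` column tells you which discovery probe (ARP, ICMP echo, TCP SYN/ACK) actually produced the "up" verdict.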