Re: Examples of legit nmap usage?

["Foust, Adam G." <agfoust () tva gov>]

I would like to thank everyone who responded to my query about legitimate
nmap usage. I've gained a better perspective (and many good tips) from
reading the various replies, and will begin making my case here for stepping
our intranet security up another notch by establishing an automated
"service" audit using nmap. Fyodor's new timing features will be especially
helpful in convincing our folks that this can be done in a very low-impact
way.

We've run home-grown (custom C, Tcl/Scotty, Perl) HTTP, FTP, fileshare scans
on our intranet since 1995 (our routing guys have never mentioned problems
with these) and it would be nice to integrate most of this into a single
network-wide scan, feeding individual audit reports by extracting subsets
from a common nmap global snapshot. If I manage to untangle myself from OSI
Layer 8, I'll get back to work on this. It would be nice to simplify our
existing system with nmap, expand the scope of what we currently report on,
and automate more things. The OS detection in particular could be extremely
helpful as there are all sorts of unconventional IP things plugging into and
living on our network these days.

I would like to thank Fyodor for what's shaping up to be a world-class tool
(commercial realm or otherwise), and for making it open source... and the
community that's supporting, contributing, and using this tool.