Nmap Development mailing list archives
Re: nmap +multiping
From: Fyodor <fyodor () insecure org>
Date: Mon, 26 Nov 2001 22:00:53 -0800
On Tue, Nov 27, 2001 at 12:23:49AM -0500, Dion Stempfley wrote:
I was fighting with the most efficient methods to do host discovery, and found that I occaissionally needed to use different tcp ports in tcp ping scans to get really reliable results.
Cool! This has been on my TODO list for a long time, but I haven't had a chance to implement it cleanly. I have also been using multi-run approach of doing a "-sS -P0", plus potentially a "-PI" and several with "-g" source ports such as 20,53,etc. Then I merge the results to determine the hosts that deserve the full "-P0 -sSU -p-" treatment. Clearly this is suboptimal. I would accept a clean patch for allowing multiport pings. Ideally it should be well tested, support all the ping types (-PT, -PB, -PS, etc), and have a reasonable syntax. Connect() support would be pretty useful as well.
So here is a hack to allow nmap to support multiple tcp probe ports during scanning.
Did you remember to attach the patch or a URL to it? If you did attach it, maybe the content-type was wrong (this listserv bans many application/* types, Word/Excel documents, etc).
The syntax is basically: nmap -PB -pR:22,23,53,80,443,T:1-1024 ...
Why not extend the current pingport system to allow a list of ports? For example you can currently do "-PB80" or "-PS80". How about just allowing "-PS53,80,113"?
scanning. Options such as idle scanning only use the first probe port specified.
That sounds appropriate.
It seems to work, but has undergone limited testing. If the general consenus is that this is useful I will try to clean it up, and make it integrate into the existing code more nicely.
Sure! I'll bet many people would find it handy! Cheers, Fyodor --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- nmap +multiping Dion Stempfley (Nov 26)
- Re: nmap +multiping Fyodor (Nov 26)
- <Possible follow-ups>
- RE: nmap +multiping Dion Stempfley (Nov 27)
- RE: nmap +multiping Emil (Nov 27)