Nmap Development mailing list archives
Re: 4.03 "write buffer not large enough" and "-q (quiet)"
From: Fyodor <fyodor () insecure org>
Date: Sun, 14 May 2006 23:03:08 -0700
On Mon, May 15, 2006 at 12:18:26AM +0000, Brandon Enright wrote:
Rather than getting output like this -- (The 34179 ports scanned but not shown below are in state: closed) ... long list of filtered and open ports ... I'd like the option of not printing any port state with a frequency higher than say, 1024. Something like this -- (The 65531 ports scanned but not shown below are in states: closed or filtered) ... short list of open ports ...
Good call. I agree, and just implemented something like that for the next development version (due out this week). Here are a couple examples: flog/home/fyodor/nmap#./nmap -T4 -p- zardoz Starting Nmap 4.03 ( http://www.insecure.org/nmap/ ) at 2006-05-14 23:02 PDT Interesting ports on zardoz (192.168.0.69): Not shown: 64530 closed ports, 1000 filtered ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 443/tcp open https 32769/tcp open unknown Nmap finished: 1 IP address (1 host up) scanned in 26.463 seconds flog/home/fyodor/nmap#./nmap -T4 -p3000-4500 zardoz Starting Nmap 4.03 ( http://www.insecure.org/nmap/ ) at 2006-05-14 23:03 PDT All 1501 scanned ports on zardoz (192.168.0.69) are closed (1000) or filtered (501) Nmap finished: 1 IP address (1 host up) scanned in 3.247 seconds And here is the CHANGELOG entry, which covers some corner cases: o Nmap now allows multiple ingored port states. If a 65K-port scan had, 64K filtered ports, 1K closed ports, and a few dozen open ports, Nmap used to list the dozen open ones among a thousand lines of closed ports. Now Nmap will give reports like "Not shown: 64330 filtered ports, 1000 closed ports" or "All 2051 scanned ports on 192.168.0.69 are closed (1051) or filtered (1000)", and omit all of those ports from the table. Open ports are never ignored. XML output can now have multiple <extraports> directive (one for each ignored state). The number of ports in a single state before it is consolidated defaults to 26 or more, though that number increases as you add -v or -d options. With -d3 or higher, no ports will be consolidated. The XML output should probably be augmented to give the extraports directive 'ip', 'tcp', and 'udp' attributes which specify the corresponding port numbers in the given state in the same listing format as the nmaprun.scaninfo.services attribute, but that part hasn't yet been implemented. If you absoultely need the exact port numbers for each state in the XML, use -d3 for now. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- 4.03 "write buffer not large enough" and "-q (quiet)" Brandon Enright (May 14)
- Re: 4.03 "write buffer not large enough" and "-q (quiet)" Martin Mačok (May 14)
- Re: 4.03 "write buffer not large enough" and "-q (quiet)" Fyodor (May 14)
- [PATCH] Re: 4.03 "write buffer not large enough" and "-q (quiet)" Brandon Enright (May 20)