Nmap Development mailing list archives
Re: Nmap XML HowTo
From: MadHat Unspecific <madhat () unspecific com>
Date: Thu, 10 May 2007 11:51:24 -0500
Amit Kumar Saha wrote:
In my view, the Nmap XML file is more useful for applications in scan results are required outside of native Nmap, which requires Nmap like functionalities. For example , you can easily use Nmap to scan a large network for live hosts (the services and all) and then after saving it to a XML log, use that XML file in a Python or Ruby or even C# applications. This is in addition to the inherent advantages of XML such as "Easy Machine Readability" , Platform indepence which together makes it a good candidate for using Nmap for a wide variety of applications.
Depends on what you are trying to do. grepable is much lighter in CPU usage when paring from my experience. I have a set of scripts that I used to scan seveal hundred thousand hosts a day and generate a single diff based on the grepable output. I didn't bother adding these to a database as it didn't suit my needs and increased the overhead, the same with XML. I think XML is useful for some applications, but the amount of overhead added by having to parse the XML can be large depending on how large the scan range is and what verbosity you are using in nmap. There is also the fact that XML is less forgiving, I can concatenate multiple greppable outputs together and have no issues with parsing the output because I am dealing with one line at a time, while if I make a mistake with XML the parser can easily barf. Don't get me wrong, I like the XML output and can see how it is very useful with inter-application interfaces and dealing with the data after the fact, but if I want to scan a class C for all the hosts that have port 22 open and only see the IP, it is much easier just use the grepable output and pipe it to sed/awk/perl whatever[1], while I can't do it in XML. I can also pass things to other apps that are not specifically written to work with the nmap XML format using the grepable output. See my paper on grepable output[2]. I give some good examples on how it is useful. My favorite Sorry, this was just meant to say that some of still use the grepable output and don't want to see it dropped. Not trying to start an argument or a religious debate on the ins and out of output methods of nmap. [1] $ nmap -p22 -PS22 -oG - 10.1.1.0/24 | awk '/open/{print $2}' [2] http://www.unspecific.com/nmap-oG-output/ -- MadHat _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: Nmap XML HowTo, (continued)
- Re: Nmap XML HowTo Amit Kumar Saha (May 12)
- Message not available
- Message not available
- Re: Nmap XML HowTo Amit Kumar Saha (May 12)
- Re: Nmap XML HowTo offset (May 14)
- Re: Nmap XML HowTo Adriano Monteiro (May 17)
- Re: Nmap XML HowTo Guilherme Polo (May 22)
- Message not available
- Re: Nmap XML HowTo Amit Kumar Saha (May 13)
- Re: Nmap XML HowTo Amit Kumar Saha (May 10)
- Re: Nmap XML HowTo aihomes (May 10)
- Re: Nmap XML HowTo MadHat Unspecific (May 10)
- Re: Nmap XML HowTo Amit Kumar Saha (May 10)
- Re: Nmap XML HowTo MadHat Unspecific (May 10)
- Re: Nmap XML HowTo Fyodor (May 10)
- Re: Nmap XML HowTo Adriano Monteiro (May 11)
- Re: Nmap XML HowTo Amit Kumar Saha (May 09)