Nmap Development mailing list archives
Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address
From: Fyodor <fyodor () insecure org>
Date: Wed, 13 Jun 2007 19:56:11 -0700
On Tue, Jun 12, 2007 at 04:26:31PM -0700, Chad Loder wrote:
On Wed, Jun 13, 2007 at 12:49:06AM +0200, Diman Todorov wrote: There is already code within core nmap to do this, although I don't know if it has been maintained.
Good point chad. Nmap actually has a frew functions functions related to this: isipprivate() --> Checks if an IP address is 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 islocalhost() -> Checks if an IP is localhost ip_is_reserved() -> The most comprehensive of the bad IP chekers. Includes the isipprivate() IPs as well as 127/8 and a bunch of addresses that just haven't been allocated yet. So which one should we use? islocalhost() is out because it returns true for the IP address of your own machine (e.g. if I was scanning www.insecure.org from www.insecure.org). isprivate works, but the big ommission is the 127.0.0.0/8 which you don't want to do a ripe lookup on. ip_is_reserved should do the trick, though at the risk of missing out on IPs which were reserved bu no longer are. Also, it can be useful and informative that RIPE says an IP is currently reserved. So I would suggest either use isipprivate() + 127.0.0.0/8 or ip_is_reserved(). Whatever you guys think is best. But I'm leaning toward the former, since most people won't be scanning the other "reserved" blocks unless the Nmap reserved list is out of date or they have other reasons for wanting details on those IPs. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address DePriest, Jason R. (Jun 10)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Eddie Bell (Jun 11)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Arturo 'Buanzo' Busleiman (Jun 11)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Eddie Bell (Jun 11)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Thomas Buchanan (Jun 11)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Diman Todorov (Jun 12)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Chad Loder (Jun 12)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Fyodor (Jun 13)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Diman Todorov (Jun 14)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Arturo 'Buanzo' Busleiman (Jun 11)
- Re: suggestion to update ripeQuery.nse to not bother if the IP address is a private IP address Eddie Bell (Jun 11)