Nmap Development mailing list archives
[PATCH] Report more accurate host start and end times
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Sat, 22 Dec 2007 03:58:25 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Developers, Attached is a patch to report when each individual host started being scanned and when the host finished. For scans involving just a handful of hosts (just one hostgroup) the times reported are nearly exactly the same time as the start and end time of Nmap. The output requires at least verbosity level 1 and looks like this: Host gamma.ucsd.edu (132.239.181.229) appears to be up ... good. Scan of 132.239.181.229 started at 2007-12-22 03:33:06 UTC and ended at 2007-12-22 03:36:12 UTC Interesting ports on gamma.ucsd.edu (132.239.181.229): Not shown: 65450 closed ports, 82 filtered ports PORT STATE SERVICE 80/tcp open http 443/tcp open https 5959/tcp open unknown I've also added this data to the XML output on the <host> element like so: <host starttime="1198292349" endtime="1198292370"> The DTD has been updated accordingly. Now, you might be asking yourself "Why is this useful? Doesn't Nmap already report when it was started and ended?". Yes, Nmap does, but sometimes it isn't detailed enough for each host. Often I run scans that either by necessity or design take many hours to finish. Somewhere in that time, each of thousands of hosts were started, scanned, and finished. Currently the output isn't explicit enough about /when/ within that time each individual host was scanned. This sort of problem is generally only run into scanning very transient hosts on wireless or VPN networks. I suppose for very long scans even DHCP networks may require the host time resolution provided in this patch. Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFHbIthqaGPzAsl94IRAg/FAJ4mmsCoiM9xrWvtmMgPxJa2897wSgCfRbFF 3Y2yJ/NTs6/wwD+VMAjbDEI= =V/Y9 -----END PGP SIGNATURE-----
Attachment:
host_times.diff
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] Report more accurate host start and end times Brandon Enright (Dec 21)