Nmap Development mailing list archives
Re: Nmap 4.60 released
From: doug () hcsw org
Date: Fri, 21 Mar 2008 20:15:19 -0800
Hi all,
On Fri, Mar 21, 2008 at 12:48:58AM +0000, Brandon Enright wrote:One change I'd like to see to qscan is that it become another option like traceroute rather than its own scan. I'd like to be able to run discovery and standard port scanning and then at the end, have qscan run to lump the ports into buckets. I don't believe this would sacrifice any power or flexibility and would make qscan integrate into Nmap as though it were just another --feature rather than a completly different mode.
Good idea. I agree that it would probably fit better with Nmap this way. I guess it would add another column to the ports along with STATE, VERSION, REASON, etc? On Thu, Mar 20, 2008 at 05:53:44PM -0700 or thereabouts, Fyodor wrote:
Thanks for your comments. Maybe it would make a good NSE script now that we have pcap and raw IP functionality built in. It would certainly be interesting to see whether NSE is performant enough to handle this task which requires very accurate timing.
Also interesting. Honestly, it wouldn't surprise me if lua IS up to the task. Incoming packet times recorded by pcap would be unaffected and sending a packet will usually just add a small constant time to each packet's RTT as long as you allocate no memory in your sending routine (so the GC doesn't run--or free(3) decides now is a good time to merge some buddy block slabs or whatever). One possible problem with using NSE is I'm not sure if scripts can coordinate and share results at the end of a scan. This needs to be done to determine which bucket each port belongs in relative to the other ports. In fact this needs to be done between hosts not just ports for full qscanage (tm). Maybe a potential SoC project? QSCANv2+XML output+docs? I could probably mentor such a project. For anyone interested, here are the original docs: http://hcsw.org/nmap/QSCAN The most recent patch is Jason's for Nmap 4.60 which you can find earlier in this mailing list thread (thanks Jason!). Doug
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap 4.60 released Fyodor (Mar 15)
- Re: Nmap 4.60 released DePriest, Jason R. (Mar 17)
- Re: Nmap 4.60 released Fyodor (Mar 20)
- Re: Nmap 4.60 released Brandon Enright (Mar 20)
- Re: Nmap 4.60 released Fyodor (Mar 20)
- Re: Nmap 4.60 released doug (Mar 21)
- Re: Nmap 4.60 released Fyodor (Mar 20)
- Re: Nmap 4.60 released DePriest, Jason R. (Mar 20)
- Re: Nmap 4.60 released DePriest, Jason R. (Mar 17)