Difficult Nmap Question from IRC

[majek04 <majek04+nmap-dev () gmail com>]

On Wed, May 14, 2008 at 5:14 AM,  <doug () hcsw org> wrote:
> Hey all,
>
>  Somebody had a tough question on IRC a few minutes ago. Let's
>  say you have a list of 10000 proxy servers (or torrent clients
>  or whatever) along with the specific port that proxy is thought
>  to be listening on. Is there any way to feed Nmap a list of
>  host/port pairs, instead of having Nmap scan each host with the
>  same port list? Assume that invoking Nmap separately for each
>  target is too inefficient.


 Nmap uses shared data structure for keeping information about scanned ports.
 See portmap.cc global variable:
 u16 *PortList::port_map[PORTLIST_PROTO_MAX];

 We can theoretically create a kind of blacklisted/whitelisted ports
 for host (Target). But I'm not sure it has any sense.
 (But maybe... port_map would need to have all possible ports,
 but getting not scanned ports would need to be customized
 for Target instance)

 The solution for now is to run nmap for groups of hosts with the same ports.

 MM.



-- 
blog: http://popcnt.org/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org