Nmap Development mailing list archives
Re: Nmap notes from a few conferences
From: Fyodor <fyodor () insecure org>
Date: Tue, 9 Jun 2009 19:37:33 -0700
On Wed, Jun 10, 2009 at 12:27:06AM +0000, Brandon Enright wrote:
> I took notes about some of the topics in the presentations and discussions I had with other security professionals so here are my notes, opinions, and conclusions about the current state of Nmap and people's perceptions about it.
Thanks, Brandon, this is good to keep track of.
> * People don't seem to know about nbstat.nse and are still talking about nbtscan. Ron did some very good work with nbstat. I don't think people know how to scan a very large network for UDP/137 quickly. In our documentation I think we should try to highlight how to use nbstat.nse really quickly.
It sounds like you have some ideas related to quick UDP scanning? Maybe you could add some examples/information to the nbtscan NSEDoc?
> great news is that David did a bunch of work to find a new set of probes with much better coverage. Security and network pros are going to love this change. We need to make sure we advertise that the default changed to something much smarter. The fact that David did a bunch of empirical analysis and has published numbers is going to help even more.
Yeah, I'm real excited about this too!
> * People are using Nmap for a generic IP generation tool. It seems that there aren't any good tools out there for random IP generation, generation of IPs in ranges like 192.168.*.1-254, etc.
Heh. I guess that is the nice thing about being able to scale all the way from a simple list scan for just enumerating IPs to Nmap's far more comprehensive scanning modes.
> about working on NSE output. Perhaps giving script the option of outputting XML so that we aren't embedding -oN script output inside of XML.
I'm interested in any ideas people have in this respect. It's hard to design a general output format which works well for all the different things NSE can do.
> Also, we might think about adding a new script output format like -oC that is "grepable" or "machine readable" script output.
I'd rather enhance normal grepable output with script scan results than create a new format, but I do try to avoid adding new stuff to grepable format since it really does have significant limitations.
> that the documentations and examples are out there. This is mostly what my DDCSW presentation was about.
Do you have slides or a video recording online?
> * People love Nmap and the new stuff we're adding is only making it better.
Yay!

Cheers,
-F
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org