Nmap Development mailing list archives
Re: FW: Bug in default ZENMAP GUI
From: Fyodor <fyodor () insecure org>
Date: Mon, 25 Jan 2010 22:55:19 -0800
On Fri, Jan 22, 2010 at 06:36:58PM -0700, David Fifield wrote:
The default scan ("Intense scan") is nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389
We picked this in August '08 [1] back when we only did 2 host discovery probes by default. But roughly a year later we expanded the default to four probes, so maybe we should remove all these ugly discovery options from the default now? They could also be removed from the many other shipped-by-default profiles which include them. This would leave the default profile as "nmap -T4 -A -v -PE [targets]". One exception is that we should probably leave enhanced discovery in the 'Slow comprehensive scan' profile, but we should check David's discovery research stats to ensure the choices are optimal. Is anyoen opposed to this idea? Anyone want to suggest other changes to the existing profiles or new profiles we should add? You can see the current ones at http://nmap.org/svn/zenmap/share/zenmap/config/scan_profile.usp: [Intense scan] command = nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 description = An intense, comprehensive scan. The -A option enables OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute). Without root privileges only version detection and script scanning are run. This is considered an intrusive scan. [Intense scan plus UDP] command = nmap -sS -sU -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 description = Does OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute) in addition to scanning TCP and UDP ports. [Intense scan, all TCP ports] command = nmap -p 1-65535 -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 description = Scans all TCP ports, then does OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute). [Intense scan, no ping] command = nmap -T4 -A -v -PN description = Does an intense scan without checking to see if targets are up first. This can be useful when a target seems to ignore the usual host discovery probes. [Ping scan] command = nmap -sP -PE -PA21,23,80,3389 description = This scan only finds which targets are up and does not port scan them. [Quick scan] command = nmap -T4 -F description = This scan is faster than a normal scan because it uses the aggressive timing template and scans fewer ports. [Quick scan plus] command = nmap -sV -T4 -O -F --version-light description = A quick scan plus OS and version detection. [Quick traceroute] command = nmap -sP -PE -PS22,25,80 -PA21,23,80,3389 -PU -PO --traceroute description = Traces the paths to targets without doing a full port scan on them. [Regular scan] command = nmap description = A basic port scan with no extra options. [Slow comprehensive scan] command = nmap -sS -sU -T4 -A -v -PE -PP -PS21,22,23,25,80,113,31339 -PA80,113,443,10042 -PO --script all description = This is a comprehensive, slow scan. Every TCP and UDP port is scanned. OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute) are all enabled. Many probes are sent for host discovery. This is a highly intrusive scan. Cheers, Fyodor [1] http://seclists.org/nmap-dev/2008/q3/540 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- FW: Bug in default ZENMAP GUI Mick Alvey (Jan 22)
- Re: FW: Bug in default ZENMAP GUI David Fifield (Jan 22)
- Re: FW: Bug in default ZENMAP GUI Fyodor (Jan 25)
- Re: FW: Bug in default ZENMAP GUI David Fifield (Feb 19)
- Re: FW: Bug in default ZENMAP GUI Fyodor (Feb 19)
- Re: FW: Bug in default ZENMAP GUI Fyodor (Jan 25)
- Re: FW: Bug in default ZENMAP GUI David Fifield (Jan 22)