Nmap Development mailing list archives

Re: Nmap SoC Ideas?


From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 15 Mar 2010 02:29:51 -0500

On 03/14/2010 06:15 PM, Fyodor wrote:
On Sun, Mar 14, 2010 at 12:29:38PM -0500, Kris Katterjohn wrote:
Yes, it would be great to finally have this.  I have another idea which isn't
totally dependent on this but would go with it quite nicely.  I don't
recall it being brought up before: remove the -6 option and allow mixed IPv4
and IPv6 scanning in one session.  Split host batches up between the two just
like is already done for directly-connected hosts and not.  Sure there is more
to it than that with all of the o.af() stuff going on and with target parsing, but
you get the gist of it.  This would be awesome.

I think that could work well if we only specified IP/IPv6 addresses,
but it might be a bit problematic with hostnames.  If someone
specifies just "nmap www.kame.net", should Nmap look up and scan the A
record (203.178.141.194), the IPv6 (AAAA) record
(2001:200:0:8002:203:47ff:fea5:3085), or both?  Right now there is no
ambiguity since Nmap does IPv6 IFF -6 was specified.  But admittedly
it is annoying when I type a command like "nmap
2001:200:0:8002:203:47ff:fea5:3085" and then it fails because I forgot
-6.

Admittedly that is similar to the issue of hosts with multiple records
of the same type.

Hmm.. I'm heading to bed and haven't had time to think about your points in
greater detail just yet, but here is an initial assessment of what some other
projects do:

Wget and curl for www.kame.net/index.html both use the quad record by default.

An OpenSSH attempt to www.kame.net with the AddressFamily config option set to
"any" goes for IPv6 first.

OpenBSD netcat (from Debian) to www.kame.net uses IPv6 by default.

Browsing www.kame.net in Firefox gives me the dancing kame.


While I do think this is a decision that should be made carefully, going the
route of the above projects in using IPv6 records by default should be closely
considered.  These were just some off the top of my head to use and not by any
means an exhaustive list.

Cheers,
-F

Cheers,
Kris Katterjohn
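
The two cases discussed in this thread, as an added example that is not part of the original messages and is not Nmap code: a literal address determines its own family, so it can be batched without a -6 style flag, while a hostname with both record types needs an explicit policy. The policy names, the `has_a`/`has_aaaa` flags (which stand in for DNS answers so the code runs offline) and `v4only.example` are assumptions made for the illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>

/* Hypothetical policy names for a hostname that has both record types. */
enum policy { PREFER_V4, PREFER_V6, SCAN_BOTH };
/* has_a / has_aaaa stand in for DNS answers; read only for hostnames. */
struct target { const char *spec; int has_a, has_aaaa; };
struct batches { int v4, v6, skipped; };

/* Constructed sample input; the addresses and www.kame.net are from the thread. */
static const struct target SAMPLE[] = {
    { "203.178.141.194", 0, 0 },
    { "2001:200:0:8002:203:47ff:fea5:3085", 0, 0 },
    { "www.kame.net", 1, 1 },
    { "v4only.example", 1, 0 },   /* constructed name */
};

/* AF_INET or AF_INET6 for a literal address, 0 for anything else (a hostname). */
int literal_family(const char *spec) {
    unsigned char buf[sizeof(struct in6_addr)];
    if (inet_pton(AF_INET, spec, buf) == 1) return AF_INET;
    if (inet_pton(AF_INET6, spec, buf) == 1) return AF_INET6;
    return 0;
}

/* Count the addresses that end up in the IPv4 and IPv6 batches. */
struct batches split_targets(const struct target *t, int n, enum policy p) {
    struct batches b = { 0, 0, 0 };
    for (int i = 0; i < n; i++) {
        int af = literal_family(t[i].spec);
        if (af == AF_INET)  { b.v4++; continue; }  /* literal: no flag needed */
        if (af == AF_INET6) { b.v6++; continue; }
        /* Hostname: the preferred family wins, the other is the fallback. */
        int use4 = t[i].has_a && (p != PREFER_V6 || !t[i].has_aaaa);
        int use6 = t[i].has_aaaa && (p != PREFER_V4 || !t[i].has_a);
        b.v4 += use4; b.v6 += use6;
        if (!use4 && !use6) b.skipped++;
    }
    return b;
}

int main(void) {
    struct batches b = split_targets(SAMPLE, 4, PREFER_V6);
    printf("prefer-v6: %d IPv4, %d IPv6, %d skipped\n", b.v4, b.v6, b.skipped);
    return 0;
}
```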
