Re: Zenmap Problem

[David Fifield <david () bamsoftware com>]

On Sun, Jul 25, 2010 at 09:27:52AM +0100, Rob Nicholls wrote:
> You're right, it's something I regularly see if I scan the entire local
> subnet and don't try to exclude myself. If I'm doing the default port range
> I end up with a very long scan report full of "unknown" ports for my host
> that gets in the way of the handful of ports I want to read about for the
> rest of the subnet.
>
> It's probably non-trivial, but would it be possible or preferable for Nmap
> to omit/skip the scan report for the localhost? If it's skipped because
> "Skipping SYN Stealth Scan against 192.168.1.16 because Windows does not
> support scanning your own machine (localhost) this way" then it's always
> going to show "unknown" for every port.

Yeah, a couple of options are to force -sT mode for localhost only, or
to allowed "unknown" to be an extraports state (so it would say "Not
shown: 1000 unknown ports). This is the only case outside of a code bug
that I am aware of where the "unknown" state can appear in output. I'd
welcome a patch for either of these. For the first, it's probably not
too hard because I think that localhost will already be isolated in its
own scan group. For the second, you would have to modify
PortList::isIgnoredState in portlist.cc.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/