Re: Suggestion for NMAP

[Dave Horsfall <dave () horsfall org>]

On Sat, 4 Oct 2014, Daniel Miller wrote:

> > Is there a way to timestamp the connections?  The "-v" flag doesn't do 
> > it, and I can't find any other flag.
>
> You may find the --packet-trace option useful. It will print a line of 
> output for each sent and received packet. The times are relative to the 
> start of execution, which is already timestamped in the output file.

Thanks!  Sounds like what I'm after.

[...]

> We already do lots of client emulation to retrieve useful information. 
> The service version detection scan (-sV) and NSE script scanning 
> (--script) are the primary examples. But your example seems to show 
> *server emulation* to gather information about clients. This is not 
> something that Nmap is suited to, but you could probably do something 
> with our sister program Ncat using the --exec, --sh-exec, or --lua-exec 
> arguments.

Many thanks again.  Yes, I want to emulate a server; it's amazing how 
quickly the all-of-IPv4 scanners will find open 22/25/80 ports etc.

And I've been pointed towards Lua; looks like a cool language, and I'll 
certainly buy the book.

-- Dave
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/