Re: Bug(-ish)?

[David Fifield <david () bamsoftware com>]

On Mon, Dec 21, 2015 at 03:04:28PM +0000, Ruggero DallAglio wrote:
> Hi, this is Roger. First of all great job!!!!
>
> Second, using nmap in Windows via CLI I experience a lack of name resolution,
> even if the IP has a name associated with it.
>
> For example, repeatedly running
>
> nmap -sn range | find /i "Nmap"
>
> gives me different output.
>
> [Honestly I can't say if it's a DNS (Windows) issue.] Your time-saving, I ran a
> script to reverse lookup from IP and worked like a charm. Let's say that in
> rare (3-4 times) occasions script output paused for, say, less than a second.
> Maybe it's that very small delay that push nmap to go further?

The first thing to try is the --system-dns option, which bypasses Nmap's
built-in reverse DNS resolver:

nmap --system-dns -sL range

You can also try to trace through the DNS requests that Nmap is making
with -d4 (high debugging):

nmap -d4 -sL range

That will produce a lot of output, but you can find output lines like
this:

mass_rdns: Using DNS server x.x.x.x
mass_rdns: TRANSMITTING for <45.33.49.119> (server <x.x.x.x>)
mass_rdns: OK MATCHED <45.33.49.119> to <ack.nmap.org>
mass_rdns: 0.00s 0/1 [#: 3, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 3, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/