Nmap Development mailing list archives

Re: inconsistent results from nmap v7.30 when scanning the same IP twice


From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 17 Oct 2016 20:14:44 -0500

Cédric,

On Mon, Oct 17, 2016 at 5:34 PM, Cedric MICHEL <dr.cedric.michel () gmail com>
wrote:

Hi Daniel,
I gave a minimal example with "www.google.com" scanned twice just in
order to reproduce the bug.
In my real example (looking for potential web servers of my company
exposed on the internet), I was using the parameter '-iL' for requesting
about 20 hosts (several of them having the same IP address after DNS
resolution).
I could see in the '.gnmap' output that 20 portscans on the same IP
address had different results (TCP port status), which was amazing.
As you said, even if only one TCP portscan is done on each different IP
address, other tests would still need to be launched with the correct VHOST
(ex : NSE scripts) in presence of web servers.


It appears we have fixed this bug in the latest development version.


PS : I always use the parameter "-oA " in order to use the best output
format possible.
I would have a remark on the "Greppable Nmap" output (-oG): there are 2
pieces of information that I need, but I'm unable to grep them in that format
as they aren't present in the file:
- hosts without a DNS resolution ('no A' DNS entry).
- original FQDN on the same line as the IP address and open/closed/ports
(in addition to the reverse DNS entry which is given when available).
The second one should be present in the "XML output format" but XSLT is
not really user friendly ...
Do you think that this kind of information would be valuable in the
'Greppable output format' and could be added in the future?


The grepable format is deprecated, which means we will not be adding new
information to it. Unlike the XML output format, it is not easily
extensible; any changes will almost certainly break most scripts written to
consume older forms of the format.

Dan
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
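The two items Cédric wants in grepable form (the original target FQDN next to its IP, and input names that never resolved) can be recovered from the XML output Dan points to. The following is an added example, not code from the thread or from the Nmap project: it parses Nmap XML with Python's xml.etree, prints one grepable-style line per host that carries the user-supplied name, lists input targets absent from the XML, and flags an IP whose repeated scan entries disagree on open ports (the symptom in the subject line). The XML sample and target list are constructed; the element and attribute names (host, address/addrtype, hostnames/hostname type="user"/"PTR", ports/port/state) are those of real Nmap XML; that a target which fails to resolve produces no host element at all is an assumption of the example.

```python
import xml.etree.ElementTree as ET

# Constructed Nmap XML: two input names resolve to 203.0.113.10 and were scanned
# twice with different results; a third name resolves to 203.0.113.20.
SAMPLE_XML = """<nmaprun scanner="nmap" version="7.30">
  <host>
    <address addr="203.0.113.10" addrtype="ipv4"/>
    <hostnames>
      <hostname name="www.example.com" type="user"/>
      <hostname name="web1.hosting.example.net" type="PTR"/>
    </hostnames>
    <ports>
      <port protocol="tcp" portid="80"><state state="open"/></port>
      <port protocol="tcp" portid="443"><state state="open"/></port>
      <port protocol="tcp" portid="8080"><state state="closed"/></port>
    </ports>
  </host>
  <host>
    <address addr="203.0.113.10" addrtype="ipv4"/>
    <hostnames>
      <hostname name="shop.example.com" type="user"/>
      <hostname name="web1.hosting.example.net" type="PTR"/>
    </hostnames>
    <ports>
      <port protocol="tcp" portid="443"><state state="open"/></port>
    </ports>
  </host>
  <host>
    <address addr="203.0.113.20" addrtype="ipv4"/>
    <hostnames><hostname name="intranet.example.com" type="user"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/></port>
    </ports>
  </host>
</nmaprun>"""

# Constructed -iL list; 'ghost.example.com' has no A record, so (assumption)
# it never appears as a <host> element in the XML above.
TARGETS = ["www.example.com", "shop.example.com", "intranet.example.com", "ghost.example.com"]


def parse_hosts(xml_text):
    """One dict per <host>: ip, user-supplied names, PTR names, open TCP ports."""
    hosts = []
    for host in ET.fromstring(xml_text).findall("host"):
        ip = next((a.get("addr") for a in host.findall("address")
                   if a.get("addrtype") in ("ipv4", "ipv6")), None)
        names = list(host.iterfind("hostnames/hostname"))
        open_tcp = sorted(
            int(p.get("portid")) for p in host.iterfind("ports/port")
            if p.get("protocol") == "tcp"
            and p.find("state") is not None and p.find("state").get("state") == "open")
        hosts.append({"ip": ip,
                      "user": [h.get("name") for h in names if h.get("type") == "user"],
                      "ptr": [h.get("name") for h in names if h.get("type") == "PTR"],
                      "open_tcp": open_tcp})
    return hosts


def grepable_lines(hosts):
    """A -oG style line per host, but with the original target name included."""
    lines = []
    for h in hosts:
        ptr = ",".join(h["ptr"]) or "-"
        target = ",".join(h["user"]) or "-"
        ports = ",".join(f"{p}/tcp" for p in h["open_tcp"]) or "-"
        lines.append(f"Host: {h['ip']} ({ptr}) Target: {target} Open: {ports}")
    return lines


def unresolved(targets, hosts):
    """Input names found in no <hostname type="user">: they did not resolve or
    were otherwise dropped, so neither -oG nor -oX carries a record of them."""
    seen = {name for h in hosts for name in h["user"]}
    return [t for t in targets if t not in seen]


def inconsistent_ips(hosts):
    """IPs scanned more than once whose open-port sets disagree between entries."""
    by_ip = {}
    for h in hosts:
        by_ip.setdefault(h["ip"], []).append(h["open_tcp"])
    return {ip: res for ip, res in by_ip.items()
            if len(res) > 1 and any(r != res[0] for r in res)}


if __name__ == "__main__":
    found = parse_hosts(SAMPLE_XML)
    print("\n".join(grepable_lines(found)))
    print("unresolved:", unresolved(TARGETS, found))
    print("inconsistent:", inconsistent_ips(found))
```

Run it against a real file by replacing SAMPLE_XML with the contents of the -oX (or the .xml half of -oA) output and TARGETS with the -iL list; the `unresolved` check is what the grepable format cannot give you, and `inconsistent_ips` is a quick way to spot the repeated-scan disagreement on older builds.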