Nmap Development mailing list archives
Re: RFC: Should Nmap resolve and scan all addresses by default?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 8 Aug 2017 17:06:24 -0500
On Tue, Aug 8, 2017 at 4:54 PM, Daniel Miller <bonsaiviking () gmail com> wrote:
previously only available through the resolveall NSE script [1],
Please leave your feedback in reply.
I forgot some references and neglected to mention the purpose of this kind of DNS setup and how other applications handle this situation. The practice of responding to a single A (or AAAA) query with more than one record (IP address) is called Round-robin DNS [2]. It is generally used as a load-balancing mechanism, since the order of returned IP addresses changes and applications will generally choose the first available address to connect to. Applications can also fall back to subsequent IP addresses if the first one is not responsive. Nmap has historically only scanned the first of these addresses, similar to how a web browser only connects to the first address in the response. But as a network discovery tool, it makes sense to be able to probe all of the possible IP addresses that are attached to a hostname. Nmap was already printing the list of unscanned addresses in a line like so: Other addresses for example.com (not scanned): 192.0.2.3 192.0.2.4 2001:db8::5 This change (in either of the two options being discussed) does not allow scanning of both IPv4 and IPv6 addresses in a single scan. When the feature is enabled, all the addresses in the proper address family will be scanned: IPv6 if -6 is given, and IPv4 otherwise. [1] https://nmap.org/nsedoc/scripts/resolveall.html [2] https://en.wikipedia.org/wiki/Round-robin_DNS
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- RFC: Should Nmap resolve and scan all addresses by default? Daniel Miller (Aug 08)
- Re: RFC: Should Nmap resolve and scan all addresses by default? Daniel Miller (Aug 08)
- Re: RFC: Should Nmap resolve and scan all addresses by default? jah (Aug 08)
- Re: RFC: Should Nmap resolve and scan all addresses by default? Paulino Calderon (Aug 08)
- Re: RFC: Should Nmap resolve and scan all addresses by default? nnposter (Aug 08)