Nmap Development mailing list archives
Missing host name
From: Dave Close <dave () compata com>
Date: Tue, 14 May 2024 22:08:12 -0700
Running Nmap 7.92 on CentOS 8. Commands -sP, -sn, and -sL all behave the same way. When scanning a local network with local name service, forward and reverse, for all addresses within the network, not all addresses are reported with their host names. Specifically, every third report is missing the name. Since all addresses and names are available from the same local name server (Bind 9), this doesn't seem reasonable. For example, "nmap -sL 192.168.1.0/24" yields this result (truncated): # nmap -sL 192.168.9.0/24 Starting Nmap 7.92 ( https://nmap.org ) at 2024-05-15 00:44 EDT Nmap scan report for 192.168.9.0 Nmap scan report for flgw.local (192.168.9.1) Nmap scan report for fl002.local (192.168.9.2) Nmap scan report for 192.168.9.3 Nmap scan report for fl004.local (192.168.9.4) Nmap scan report for fl005.local (192.168.9.5) Nmap scan report for 192.168.9.6 Nmap scan report for fl007.local (192.168.9.7) Nmap scan report for fl008.local (192.168.9.8) Nmap scan report for 192.168.9.9 Nmap scan report for fl010.local (192.168.9.10) Nmap scan report for fl011.local (192.168.9.11) Nmap scan report for 192.168.9.12 Nmap scan report for fl013.local (192.168.9.13) Nmap scan report for fl014.local (192.168.9.14) Nmap scan report for fl015.local (192.168.9.15) Nmap scan report for 192.168.9.16 Nmap scan report for fl017.local (192.168.9.17) Nmap scan report for fl018.local (192.168.9.18) Nmap scan report for 192.168.9.19 Nmap scan report for pfm2.local (192.168.9.20) Nmap scan report for fl021.local (192.168.9.21) Nmap scan report for 192.168.9.22 Nmap scan report for fl023.local (192.168.9.23) Nmap scan report for fl024.local (192.168.9.24) Nmap scan report for 192.168.9.25 Nmap scan report for fl026.local (192.168.9.26) Nmap scan report for fl027.local (192.168.9.27) Nmap scan report for 192.168.9.28 Running Nmap 7.92 on CentOS 8. Commands -sP, -sn, and -sL all behave the same way. When scanning a local network with local name service, forward and reverse, for all addresses within the network, not all addresses are reported with their host names. Specifically, every third report is missing the name. Since all addresses and names are available from the same local name server (Bind 9), this doesn't seem reasonable. For example, "nmap -sL 192.168.1.0/24" yields this result (truncated): # nmap -sL 192.168.9.0/24 Starting Nmap 7.92 ( https://nmap.org ) at 2024-05-15 00:44 EDT Nmap scan report for 192.168.9.0 Nmap scan report for flgw.local (192.168.9.1) Nmap scan report for fl002.local (192.168.9.2) Nmap scan report for 192.168.9.3 Nmap scan report for fl004.local (192.168.9.4) Nmap scan report for fl005.local (192.168.9.5) Nmap scan report for 192.168.9.6 Nmap scan report for fl007.local (192.168.9.7) Nmap scan report for fl008.local (192.168.9.8) Nmap scan report for 192.168.9.9 Nmap scan report for fl010.local (192.168.9.10) Nmap scan report for fl011.local (192.168.9.11) Nmap scan report for 192.168.9.12 Nmap scan report for fl013.local (192.168.9.13) Nmap scan report for fl014.local (192.168.9.14) Nmap scan report for fl015.local (192.168.9.15) Nmap scan report for 192.168.9.16 Nmap scan report for fl017.local (192.168.9.17) Nmap scan report for fl018.local (192.168.9.18) Nmap scan report for 192.168.9.19 Nmap scan report for pfm2.local (192.168.9.20) Nmap scan report for fl021.local (192.168.9.21) Nmap scan report for 192.168.9.22 Nmap scan report for fl023.local (192.168.9.23) Nmap scan report for fl024.local (192.168.9.24) Nmap scan report for 192.168.9.25 Nmap scan report for fl026.local (192.168.9.26) Nmap scan report for fl027.local (192.168.9.27) Nmap scan report for 192.168.9.28 Running Nmap 7.92 on CentOS 8. Commands -sP, -sn, and -sL all behave the same way. When scanning a local network with local name service, forward and reverse, for all addresses within the network, not all addresses are reported with their host names. Specifically, every third report is missing the name. Since all addresses and names are available from the same local name server (Bind 9), this doesn't seem reasonable. For example, "nmap -sL 192.168.1.0/24" yields this result (truncated): # nmap -sL 192.168.9.0/24 Starting Nmap 7.92 ( https://nmap.org ) at 2024-05-15 00:44 EDT Nmap scan report for 192.168.9.0 Nmap scan report for flgw.local (192.168.9.1) Nmap scan report for fl002.local (192.168.9.2) Nmap scan report for 192.168.9.3 Nmap scan report for fl004.local (192.168.9.4) Nmap scan report for fl005.local (192.168.9.5) Nmap scan report for 192.168.9.6 Nmap scan report for fl007.local (192.168.9.7) Nmap scan report for fl008.local (192.168.9.8) Nmap scan report for 192.168.9.9 Nmap scan report for fl010.local (192.168.9.10) Nmap scan report for fl011.local (192.168.9.11) Nmap scan report for 192.168.9.12 Nmap scan report for fl013.local (192.168.9.13) Nmap scan report for fl014.local (192.168.9.14) Nmap scan report for fl015.local (192.168.9.15) Nmap scan report for 192.168.9.16 Nmap scan report for fl017.local (192.168.9.17) Nmap scan report for fl018.local (192.168.9.18) Nmap scan report for 192.168.9.19 Nmap scan report for pfm2.local (192.168.9.20) Nmap scan report for fl021.local (192.168.9.21) Nmap scan report for 192.168.9.22 Nmap scan report for fl023.local (192.168.9.23) Nmap scan report for fl024.local (192.168.9.24) Nmap scan report for 192.168.9.25 Nmap scan report for fl026.local (192.168.9.26) Nmap scan report for fl027.local (192.168.9.27) Nmap scan report for 192.168.9.28 Running Nmap 7.92 on CentOS 8. Commands -sP, -sn, and -sL all behave the same way. When scanning a local network with local name service, forward and reverse, for all addresses within the network, not all addresses are reported with their host names. Specifically, every third report is missing the name. Since all addresses and names are available from the same local name server (Bind 9), this doesn't seem reasonable. For example, this result (truncated): # nmap -sL 192.168.9.0/24 Starting Nmap 7.92 ( https://nmap.org ) at 2024-05-15 00:44 EDT Nmap scan report for 192.168.9.0 Nmap scan report for flgw.local (192.168.9.1) Nmap scan report for fl002.local (192.168.9.2) Nmap scan report for 192.168.9.3 Nmap scan report for fl004.local (192.168.9.4) Nmap scan report for fl005.local (192.168.9.5) Nmap scan report for 192.168.9.6 Nmap scan report for fl007.local (192.168.9.7) Nmap scan report for fl008.local (192.168.9.8) Nmap scan report for 192.168.9.9 Nmap scan report for fl010.local (192.168.9.10) Nmap scan report for fl011.local (192.168.9.11) Nmap scan report for 192.168.9.12 Nmap scan report for fl013.local (192.168.9.13) Nmap scan report for fl014.local (192.168.9.14) Nmap scan report for fl015.local (192.168.9.15) Nmap scan report for 192.168.9.16 Nmap scan report for fl017.local (192.168.9.17) Nmap scan report for fl018.local (192.168.9.18) Nmap scan report for 192.168.9.19 Nmap scan report for pfm2.local (192.168.9.20) Nmap scan report for fl021.local (192.168.9.21) Nmap scan report for 192.168.9.22 Nmap scan report for fl023.local (192.168.9.23) Nmap scan report for fl024.local (192.168.9.24) Nmap scan report for 192.168.9.25 Nmap scan report for fl026.local (192.168.9.26) Nmap scan report for fl027.local (192.168.9.27) Nmap scan report for 192.168.9.28 ... Nmap done: 256 IP addresses (0 hosts up) scanned in 0.04 seconds Searching online I find many ways the names could be missing, by request or due to a name server error. But I find no examples of them missing only on every third response. So I must ask the experts what's going on? -- Dave Close, Compata, Irvine CA +1 714 434 7359 dave () compata com dhclose () alumni caltech edu "If I don't know I don't know, I think I know; if I don't know I know, I think I don't know." - Ronald Laing _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at https://seclists.org/nmap-dev/
Current thread:
- Missing host name Dave Close (May 14)