Nmap Announce mailing list archives
Re: SNMP to nmap?
From: Evan Brewer <dmessiah () silcon com>
Date: Thu, 17 Dec 1998 11:34:52 -0800
On Thu, Dec 17, 1998 at 10:54:43AM -0800, Lamont Granquist wrote:
> I talked with Fyodor about adding RPC service portscanning to NMAP, so that NMAP would be able to query ports with null RPC commands to figure out which RPC service was listening, if any (I haven't looked at RPC closely enough to figure out if you could do this with one query, or if you'd need to send queries for every service that you'd be interested in knowing about, anyway...). Fyodor's opinion was that NMAP should try to stay away from doing 'application' level stuff as much as possible and that the identd scanning and such in the current version was pushing it.
An interesting idea, however anything extrapolated from rpc may also (under most conditions) be determined by a normal port scan. There is nothing that (most of the time) rpcinfo will tell you that a port scan won't. Let's say port 2049/tcp is open. Odds are this guy has NFS.
> Anyway, I'd certainly think that RPC service scanning would be a hell of a lot more generally useful than teaching NMAP about SNMP, but can appreciate the sentiment behind not wanting to promote code bloat and not wanting to do either of them.
May be useful yes, however getting this info in a stealth-like manner requires a connection to portmap. Nmap is supposed to be a network scanner yes, but in that it is also a stealth scanner. I am one for the belief that if you can determine services/ports open without connecting to portmap, more power to you. If you are thinking, well what about udp? The udp scanning in Nmap is great, so there should be no problems there. I'm sure you could come up with 1 or 2 command lines to totally probe a system without using portmap. Good idea, but not necessary imho.
dmess0r