Nmap Announce mailing list archives
RE: nmap-2.03 DNS address scanner
From: "johann sebastian bach" <jsb4ch () hotmail com>
Date: Fri, 05 Feb 1999 12:04:00 PST
i suppose.. host -l does not do zone transfers recursively though (it will get *.microsoft.com but not *.*.microsoft.com).. portscanning a whole domain is noisy *regardless*, and axfr'ing it isn't going to change the situation much. seems to me if you're going to include a bunch of other "ip gathering" methods you might as well include zone transfer to keep things complete.
From: "Brown, Mark" <mbrown () visa com>
To: nmap-hackers () insecure org
Subject: RE: nmap-2.03 DNS address scanner
Date: Fri, 5 Feb 1999 11:27:33 -0800

Actually, I think it makes more sense to leave stuff *out* of nmap that is already trivially available (host -l?) lest nmap become fat. Attempting a zone transfer of a domain is a sure-fire way to draw attention to yourself if the other side's hostmaster has two brain-cells to rub together.

-----Original Message-----
From: johann sebastian bach [mailto:jsb4ch () hotmail com]
Sent: Thursday, February 04, 1999 10:03 PM
To: nmap-hackers () insecure org
Subject: Re: nmap-2.03 DNS address scanner

cool. someone should do a better implementation that doesn't use gethostbyaddr() (maybe use res_mkquery(), and send multiple queries at a time.. ) determining hosts are *UN*resolvable takes a long time, and going serially is very slow..

another cool thing to add to nmap might be DNS AXFR query capability (have it transfer all the ip addresses in the zone and then scan them or whatever) so that you could scan based on domain and not ip address, or bypass firewalls (maybe in a very obscure case :)))
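The quoted reply's point that a zone transfer attempt is easy for a hostmaster to notice, shown as an added example that is not part of the original thread: a small detector that parses DNS-over-TCP queries and flags AXFR/IXFR requests from hosts that are not known secondaries. The function names, the sample addresses (documentation ranges) and the zone `example.com` are assumptions, and the sample queries are constructed.

```python
import struct

QTYPE_IXFR, QTYPE_AXFR = 251, 252  # zone transfer QTYPEs (RFC 1995, RFC 1035)

def build_query(name, qtype, txid=0x1234):
    """Build a constructed DNS-over-TCP query (sample input, not captured traffic)."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"
    msg = header + qname + struct.pack("!HH", qtype, 1)  # QCLASS 1 = IN
    return struct.pack("!H", len(msg)) + msg  # TCP framing: 2-byte length prefix

def parse_question(tcp_payload):
    """Return (qname, qtype) for the first question, or None if malformed."""
    if len(tcp_payload) < 2:
        return None
    (length,) = struct.unpack("!H", tcp_payload[:2])
    msg = tcp_payload[2:2 + length]
    if len(msg) != length or length < 12:
        return None  # truncated or shorter than a DNS header
    flags, qdcount = struct.unpack("!HH", msg[2:6])
    if flags & 0x8000 or qdcount < 1:
        return None  # a response, or no question section
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            return None
        n = msg[pos]
        pos += 1
        if n == 0:
            break
        if n & 0xC0 or pos + n > len(msg):
            return None  # compression pointer or label running past the message
        labels.append(msg[pos:pos + n].decode("ascii", "replace"))
        pos += n
    if pos + 4 > len(msg):
        return None
    qtype, _qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return ".".join(labels).lower(), qtype

def flag_transfers(events, allowed_secondaries):
    """events: iterable of (src_ip, tcp_payload). Returns [(src_ip, zone), ...]."""
    alerts = []
    for src, payload in events:
        q = parse_question(payload)
        if q and q[1] in (QTYPE_AXFR, QTYPE_IXFR) and src not in allowed_secondaries:
            alerts.append((src, q[0]))
    return alerts

SAMPLE_EVENTS = [  # constructed: a secondary's AXFR, an ordinary A query, an outside AXFR
    ("192.0.2.53", build_query("example.com", QTYPE_AXFR)),
    ("198.51.100.7", build_query("www.example.com", 1)),
    ("198.51.100.7", build_query("Example.COM", QTYPE_AXFR)),
]
```

Calling `flag_transfers(SAMPLE_EVENTS, {"192.0.2.53"})` reports only the transfer request from the host that is not a configured secondary.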
Current thread:
- nmap-2.03 DNS address scanner Dion Stempfley (Feb 04)
- <Possible follow-ups>
- Re: nmap-2.03 DNS address scanner johann sebastian bach (Feb 04)
- RE: nmap-2.03 DNS address scanner Brown, Mark (Feb 05)
- RE: nmap-2.03 DNS address scanner Matthew Franz (Feb 05)
- RE: nmap-2.03 DNS address scanner johann sebastian bach (Feb 05)
- RE: nmap-2.03 DNS address scanner wanb0y (Feb 05)