Nmap Announce mailing list archives

RE: nmap-2.03 DNS address scanner


From: Matthew Franz <mdfranz () txdirect net>
Date: Fri, 5 Feb 1999 17:40:18 -0600 (CST)

On Fri, 5 Feb 1999, Brown, Mark wrote:

Actually, I think it makes more sense to leave stuff *out* of nmap that is
already trivially available (host -l?) lest nmap become fat.  Attempting a
zone transfer of a domain is a sure-fire way to draw attention to yourself
if the other side's hostmaster has two brain-cells to rub together.  

I second this sentiment on keeping nmap trim.  IMHO it should remain the
best damn portscanner / OS detector around with all the features we know
and love.  I could see a strong case for RPC scanning but not DNS and
certainly not SNMP.  There are close to a dozen small tools for gathering
IPs from DNS records (dig, z0ne, rdns, ipzoner, host, etc.)  That's what
shell scripts and pipes and IO redir and the UNIX toolkit philosophy is
about.

Creating modules to integrate the results of nmap scans with (let's say)
the vulnerability database used by nessus or some future, hypothetical,
Open Source vulnerability does seem to be a worthwhile project IMHO.

For what it's worth...

-mdf

===================================================================
 Matthew D. Franz                               mdfranz () trinux org
 Trinux: A Linux Security Toolkit            http://www.trinux.org


