Nmap Development mailing list archives
Re: Parallelize OS Fingerprinting?
From: Bill Petersen <bill.petersen () alcatel com>
Date: Wed, 24 Aug 2005 07:51:09 -0500
How about when you are scanning over 60,000 machines in an address space of about 1 million IPs! I agree, I need parallelization anywhere I can get it. One way I have tried as well is a script similar to what you have, but running 150 scans at a time in parallel, with the script watching for one to complete before starting the next one. One of the limiting factors for me is the memory footprint of nmap. Each takes about 10MB last time I looked, and so you have to have a lot of RAM to do the massive scans I need to run. I would love to be able to run just one nmap which handles all of the parallelization itself. Bill Petersen, CISSP Senior Information Security Analyst Alcatel North America Information Security Bill.Petersen () alcatel com Voice: 972-519-4249 Fax: 972-477-5300 Thomas Loch wrote:
Currently I'm parallelizing scans by using a bash script like the one attached. It starts nmap in background, waits for all scans to complete and sends the summarized results to a specified email address. I never scan more than 10 or 15 hosts at a time (and use a very old version of nmap :) so this is most likely not a convenient way to scan 100+ hosts but I hope it is helpful to someone until parallel scanning is implemented. ------------------------------------------------------------------------ #!/bin/bash # hosts to scan hosts=( host1 host2 host3 ) # clean up old scan results rm nmap.* 2>/dev/null # launch scans in background for host in ${hosts[@]} do nmap -v -sS -O $host >nmap.$host & # with errors #nmap -v -sS -O $host >nmap.$host 2>nmap.$host.err & echo "starting scan for $host" done # wait for their completion wait # summarize results grep 'Interesting ports on\|scanned but not shown below\| open \| closed \| filtered ' nmap.* >nmap.__results # shorter summary: #grep 'tcp \|udp ' nmap.* >nmap.__results # this may be more suitable when focusing on OS detection: #grep 'Interesting ports on\|OS details\|Running\|Device type' nmap.* >nmap.__results # pack 'em together tar -cjf nmap.tar.bz2 nmap.* # mail me my results + summary # NOTE: biabam.nmap is a slightly modified version of the biabam # bash attachment mailer that does not prompt for a message body! biabam.nmap nmap.tar.bz2 -s 'NMAP run complete!!' root () servers lan ------------------------------------------------------------------------ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Parallelize OS Fingerprinting? Brandon Enright (Aug 23)
- Re: Parallelize OS Fingerprinting? Fyodor (Aug 23)
- Re: Parallelize OS Fingerprinting? Thomas Loch (Aug 23)
- Re: Parallelize OS Fingerprinting? Bill Petersen (Aug 24)
- OS Fingerprinting Bill Petersen (Aug 24)
- Re: OS Fingerprinting Niels Heinen (Aug 24)
- Re: OS Fingerprinting Emmanuel Goldstein (Aug 27)
- Re: OS Fingerprinting 赵雷 (Aug 27)
- Re: OS Fingerprinting Emmanuel Goldstein (Aug 29)
- Re: Parallelize OS Fingerprinting? Thomas Loch (Aug 23)
- Re: Parallelize OS Fingerprinting? Fyodor (Aug 23)
- Re: Parallelize OS Fingerprinting? MadHat (Aug 24)