Netbios host resolution

["Kee, Jason" <Jason.Kee () perdue com>]

Doug,

Thanks for the response. The article is an interesting read and I think
it exactly addresses the issue. Although, as you mentioned the switch
--system-dns is using the same function call as the older versions. 
The main problem I have is that 90% of my environment is not in DNS so I
am having to rely on NetBIOS name resolution.    >: ( 

I am hoping to eventually port a network status engine (using nmap as
the base) to Debian, so this may become a moot issue if I write a
sequence to lookup hostnames using dns, then nmblookup. I was hoping
however to cut time from the scanning process by incorporating name
resolution during the port scan.  

The only changes I have made were to a registry entry on the server
that, much like the nsswitch.conf, addresses name resolution priority
order. The registry key is: 

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider
The keys are: DnsPriority, HostsPriority, LocalPriority, NetbtPriority

Lowest value has first priority

Usually, local (LMHOSTS) and Hosts have the lower value, then DNS, and
Netbt. I altered it so that Netbt had the lowest value, then DNS, then
Hosts, then LMHOSTS, as it matches the name resolution schema in place
for best name resolution of all machines. 

I tried the --system-dns switch before, but still no name resolution
results. 

The truth is, it hasn't worked since I removed the older versions and
ran the self-extracting executable for 4.00. 

It is an interesting issue. However, as I said, perhaps I should just
write name resolution code into my network status engine for portability
and allowing the speed of nmap 4.00 to continue. I am amazed at how fast
it is running. 

Thanks!


Jason


DISCLAIMER:
**********************************************************************
This communication, including attachments, may contain confidential, privileged, copyrighted or other legally protected 
information.  If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, 
distribution, or copying of this communication, or any of its contents, is strictly prohibited.  If you have received 
this communication in error, please immediately re-send this communication to the sender and delete the original 
message and any copy of it, including all attachments, from your computer system.
**********************************************************************



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev