Nmap Development mailing list archives

Re: Updating old Scan-Results using new DBs of new nmap-Versions?

From: "Joshua D. Abraham" <jabra () ccs neu edu>
Date: Fri, 23 Jun 2006 22:04:18 -0400

On 24.Jun.2006 03:51AM +0200, rembrandt () jpberlin de wrote:

On Wed, Jun 21, 2006 at 04:51:25AM +0200, rembrandt () jpberlin de wrote:

Would it be possible to update old Scanresults (for example Scans made
with 3.95) if you updated (f.w. to the latest Version).

If you use -oA you get all output formats and also the Strings wich where
reported by the Service is included.
So would it be (theoretical, such a nmap-function would be realy sweet...)
possible to update these Results and maybe remove the "unknown" (+the
STring) from the File and replace it with (just as exmaple) "ISS 6.1 .NET
2.0".


Good idea.  At some point I would like to add that functionality to
the submission CGI.  So if you try to submit an undetected OS/service
result, it would tell you that it already matches in the current DB
(and give the match details).  We already have tools for this sort of
matching, as we use them to integrate submissions.  Maybe we'll
package them with Nmap at some point.

Cheers,
-F


Well that would be good but wont help Admisn f.e. in Networks with no
Internetconnection after they updated nmap.
It was realy more focused to the Services except of OS-Detection (wich
would be possible too this way but wich wasn`t in my mind). :)

I realy just ment: You scanned a class-B network (f.e. over a VPN) and you
got a neat output-file (mynet.gnmap or somethign else).
So maybe some day later you release a new nmap-Version wich has much more
Services in its DB...

For now a normal Admin would have to mayb rescan the whole network (wich
would.. "suck".. ;) ).

So updating old (existing) output files would be a logical way to prevent
this (in my oppinion. an Online-Update function for just refetching new
DBs would be neat too).


So are you looking for Nmap to print services' banner in like XML or
something when you pass a certain extra flags?

-- 
Joshua D. Abraham
Northeastern University
College of Computer and Information Science
www.ccs.neu.edu/home/jabra


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

Current thread:

Updating old Scan-Results using new DBs of new nmap-Versions? rembrandt (Jun 20)
- Re: Updating old Scan-Results using new DBs of new nmap-Versions? Fyodor (Jun 23)
- <Possible follow-ups>
- Re: Updating old Scan-Results using new DBs of new nmap-Versions? rembrandt (Jun 23)
  - Re: Updating old Scan-Results using new DBs of new nmap-Versions? Joshua D. Abraham (Jun 23)
- Re: Updating old Scan-Results using new DBs of new nmap-Versions? rembrandt (Jun 23)