Nmap Development mailing list archives

Re: Feature Request: --update


From: Andreas Ericsson <ae () op5 se>
Date: Fri, 19 Jan 2007 15:34:52 +0100

Kris Katterjohn wrote:
Hari Sekhon wrote:
I would very much like it if nmap could update it's signature database 
for fingerprinting remote hosts.

For example

nmap --update
fetching latest fingerprints....
done

I have been using nmap for a few years and to my knowledge this isn't a 
current feature (please correct me if I am wrong. I also just did "nmap 
--help|grep update" and got nothing).
When using an older nmap it fails to fingerprint systems as well as a 
modern nmap. I'm currently using nmap 4.20.

The reason I ask for this feature is not because I'm too lazy to upgrade 
to the latest version but because on livecds and such you are sometimes 
using old versions on nmap and it would be excellent if you could just 
nmap --update and get the latest sigs. For example, Knoppix STD has nmap 
3.48 on it and rather than installing a new nmap every time you reboot, 
it would be better to just nmap --update && nmap [options] target.

Really nmap --update could do a lot more than just sigs, but also 
nmap-service-probes and other nmap-* files in /usr/share/nmap or 
/usr/local/share/nmap, perhaps even upgrading the whole thing in place 
including the nmap binary so the second run is using a fully updated 
nmap! (but that really is up to you if you wanted to be that nice - 
however that would be Awesome. )

I know that the fingerprint db has recently been changed but I'm not 
sure how this affects this feature request.


Thanks for reading.

-h


I've actually slowly been playing with something like this. I got the
idea from ettercap --update. My thing semi-works but I never seem to be
able to mess with it for more than a minute or two at a time. Something
also seems to happen right after I open it, so I thought the Universe
was trying to give me a hint :) Mine updates all the nmap-* files.

But yeah, if anybody else wants to do this instead that'd be great.


pciutils have a similar functionality, but implemented as a separate
script. I can't help but feel that this would be much better than
adding some ftp/http/whatnot capabilities to the nmap core.

-- 
Andreas Ericsson                   andreas.ericsson () op5 se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


Current thread: