Nmap Development mailing list archives

Re: -PS command and Host Discovery


From: David Fifield <david () bamsoftware com>
Date: Wed, 5 Nov 2008 22:23:35 -0700

On Fri, Oct 24, 2008 at 01:03:10PM -0400, Tony Cap wrote:
> Question concerning the -PS command and more. I may not be using it
> correctly but this is what I've been using to do weekly scans on our
> networks:
>
> nmap -T4 -v -PS -sS -A -p- -oA d:\nmap\output\week3\vlanxx -iL d:\nmap\batch\week3\vlanxx.txt
>
> First off - am I using the -PS switch correctly? Does this switch
> override the default or does it attempt to do host discovery both by
> default (TCP ACK) AND the TCP SYN flag set?

Yes, you are using it correctly. It overrides normal host discovery so
the default ACK and ping are not sent. You can combine multiple ping
types: -PS -PA -PE.

> Second - Major differences on this particular vlan compared to others...
>
> One particular server has 30,000+ ports open with the -PS, only approx
> 30 without it.

That is definitely wrong behavior. Are you sure it's because of -PS? If
so maybe you can send me packet traces from scanning the server with and
without -PS.

> With the -PS I have only 4 hosts reporting on this vlan, compared to
> 30 without it.

Different ping types can be more or less successful depending on the
situation. Here it looks like -PS is not as good as the default ping.

> Can I get a brief description of this switch and opinions on its use?
> OR for that matter correct switches to be used when doing weekly host
> discovery. Any input would be greatly appreciated.

Try -PE -PS22,25,80 -PA21,23,80,3389, suggested in
http://seclists.org/nmap-dev/2008/q3/0498.html. You can of course try
different port numbers depending on what types of hosts you are
scanning.

> ALSO - I'm using NDIFF to compare my weekly scans. Great utility -
> looking forward to further updates on that...

What kind of updates would you like to see in Ndiff?

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
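The reply above asks whether -PS is really what changes the host count and the open-port count between runs. One way to check that before sending packet traces is to save both runs with -oA (as the original command already does) and compare the resulting XML files host by host. The script below is an added example for this thread, not code from David's reply, from Nmap or from Ndiff; the two XML documents in it are constructed, abbreviated samples of Nmap's -oX output (the addresses and port lists are made up), standing in for the week's "default discovery" and "-PS" files.

```python
import xml.etree.ElementTree as ET

# Constructed, abbreviated Nmap XML for two runs of the same range: one with
# default host discovery, one with -PS. Sample data only, not a real capture.
DEFAULT_RUN_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -T4 -sS -p- 10.0.0.0/28">
  <host><status state="up" reason="echo-reply"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/></port>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/></port>
      <port protocol="tcp" portid="443"><state state="closed" reason="reset"/></port>
    </ports></host>
  <host><status state="up" reason="echo-reply"/>
    <address addr="10.0.0.7" addrtype="ipv4"/>
    <ports><port protocol="tcp" portid="25"><state state="open" reason="syn-ack"/></port></ports></host>
  <host><status state="up" reason="reset"/>
    <address addr="10.0.0.9" addrtype="ipv4"/>
    <ports><port protocol="tcp" portid="3389"><state state="open" reason="syn-ack"/></port></ports></host>
</nmaprun>"""

PS_RUN_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -T4 -PS -sS -p- 10.0.0.0/28">
  <host><status state="up" reason="syn-ack"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/></port>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/></port>
      <port protocol="tcp" portid="443"><state state="open" reason="syn-ack"/></port>
    </ports></host>
  <host><status state="up" reason="syn-ack"/>
    <address addr="10.0.0.7" addrtype="ipv4"/>
    <ports><port protocol="tcp" portid="25"><state state="open" reason="syn-ack"/></port></ports></host>
  <host><status state="down" reason="no-response"/>
    <address addr="10.0.0.9" addrtype="ipv4"/></host>
</nmaprun>"""


def parse_run(xml_text):
    """Map each host Nmap marked 'up' to the set of its open TCP ports."""
    root = ET.fromstring(xml_text)
    hosts = {}
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # hosts that failed host discovery carry no port data
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            addr = host.find("address")
        open_ports = set()
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is not None and state.get("state") == "open":
                open_ports.add(int(port.get("portid")))
        hosts[addr.get("addr")] = open_ports
    return hosts


def compare_runs(baseline, candidate):
    """Report hosts seen by only one run and hosts whose open-port count changed."""
    base_up, cand_up = set(baseline), set(candidate)
    port_count_diffs = {
        addr: (len(baseline[addr]), len(candidate[addr]))
        for addr in base_up & cand_up
        if len(baseline[addr]) != len(candidate[addr])
    }
    return {
        "only_in_baseline": sorted(base_up - cand_up),
        "only_in_candidate": sorted(cand_up - base_up),
        "port_count_diffs": port_count_diffs,
    }


def compare_sample_runs():
    """Compare the constructed default-discovery run against the -PS run."""
    return compare_runs(parse_run(DEFAULT_RUN_XML), parse_run(PS_RUN_XML))


if __name__ == "__main__":
    result = compare_sample_runs()
    print("Up only with default discovery:", result["only_in_baseline"])
    print("Up only with -PS:", result["only_in_candidate"])
    for addr, (before, after) in result["port_count_diffs"].items():
        print(f"{addr}: {before} open ports by default, {after} with -PS")
```

To use it on real output, replace the two string constants with the contents of the week's .xml files (e.g. the files written next to d:\nmap\output\week3\vlanxx). A host that appears only in the default run is one the -PS probe failed to discover, which matches the 4-versus-30 difference in the thread; a host whose open-port count jumps by tens of thousands between runs is the case the reply calls wrong behavior and is worth capturing packet traces for. Ndiff does a fuller version of this comparison, including service and state changes per port.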

