Re: Nmap notes from a few conferences

[Fyodor <fyodor () insecure org>]

On Wed, Jun 10, 2009 at 12:27:06AM +0000, Brandon Enright wrote:
> I took notes about some of the topics in the presentations and
> discussions I had with other security professionals so here are my
> notes, opinions, and conclusions about the current state of Nmap and
> people's perceptions about it.

Thanks's Brandon, this is good to keep track of.

> * People don't seem to know about nbstat.nse and are still talking
>   about nbtscan.  Ron did some very good work with nbstat.  I don't
>   think people know how scan a very large network for UDP/137 quickly.
>   In our documentation I think we should try to highlight how to use
>   nbstat.nse really quickly.

It sounds like you have some ideas related to quick UDP scanning?
Maybe you could add some examples/information to the nbtscan NSEDoc?

>   great new is that David did a bunch of work to find a new set of
>   probes with much better coverage.  Security and network pros are
>   going to love this change.  We need to make sure we advertise that
>   the default changed to something much smarter.  The fact that David
>   did a bunch of empirical analysis and has published numbers is going
>   to help even more.

Yeah, I'm real excited about this too!

> * People are using Nmap for a generic IP generation tool.  It seems
>   that there aren't any good tools out there for random IP generation,
>   generation of IPs in ranges like 192.168.*.1-254, etc. 

Heh.  I guess that is the nice thing about being able to scale all the
way from a simple list scan for just enumerating IPs to Nmap's far
more comprehensive scanning modes.

>   about working on NSE output.  Perhaps giving script the option of
>   outputting XML so that we aren't embedding -oN script output inside
>   of XML.

I'm interested in any ideas people have in this respect.  It's hard to
design a general output format which works well for all the different
things NSE can do.

> Also, we might think about adding a new script output format
> like -oC that is "grepable" or "machine readable" script output.

I'd rather enhance normal grepable output with scriput scan results
than create a new format, but I do try to avoid adding new stuff to
grepable format since it really does have significant limitations.

>   that the documentations and examples are out there.  This is mostly
>   what my DDCSW presentation was about.

Do you have slides or a video recording online?

> * People love Nmap and the new stuff we're adding is only making it
>   better.

Yay!

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org