Nmap Development mailing list archives
NSE without ping or port scanning: interface ideas
From: David Fifield <david () bamsoftware com>
Date: Fri, 10 Jul 2009 13:40:26 -0600
Hi,

NSE can run host scripts without port scanning, only ping scanning, when you combine -sC with -sP. But sometimes you want to run scripts without even ping scanning. I had to do this while doing whois lookups to select hosts for the ping probe effectiveness tests; obviously I couldn't limit the host selection to hosts that the default host discovery found to be up.

Script scanning without ping or port scanning isn't hard to implement, but we've been stumbling over the user interface. These are some ideas.

nmap -sC -sP -PN

This is what I used in my tests. A problem is the seemingly contradictory options -sP -PN. You have to think of -sP not as "ping scan" but as "don't port scan."

nmap -sC -sL

This one is nice because -sL already means "no ping or port scan." However it means that -sL is no longer a guaranteed "safe" scan that doesn't contact the targets.

nmap -sC -PN -s0

-s0 is a made-up option that means "don't port scan," analogous to -PN. -sN would be a better match but that is already NULL scan.

None of these choices is compelling so I'm open to other ideas.

Another idea I'd like to solicit comments on is to allow -p to be used with -sP -sC. The port list would be a list of ports that are assumed to be open on each host, without doing a port scan. This would allow running port scripts, not just host scripts, with -sP. Assuming the ports to be open would work much the same way as -PN assumes hosts to be up.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org