Nmap Development mailing list archives

[NSE] script idea: identify ports behind a NAT

From: Ron <ron () skullsecurity net>
Date: Wed, 17 Mar 2010 09:31:38 -0500

I just had an idea for a useful script that I don't really have time to write. Maybe somebody else does?

Basically, identify and group which ports on a NAT point at the same computer. So, if I have port 22, 80, and 443 
forwarded to computer A, and 21, 445 forwarded to computer B, I'd like to be able to tell that. 

There are probably a few different ways, and it really comes down to the same techniques used for OS fingerprinting 
(and some limited intelligence), but I think the easiest way initially would be to look at the IPIDs, especially for 
incremental systems. 

Any other ideas?

-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] script idea: identify ports behind a NAT Ron (Mar 17)
- Re: [NSE] script idea: identify ports behind a NAT jah (Mar 17)
  - Re: [NSE] script idea: identify ports behind a NAT DePriest, Jason R. (Mar 17)
  - Re: [NSE] script idea: identify ports behind a NAT David Fifield (Mar 17)
    - Re: [NSE] script idea: identify ports behind a NAT Kris Katterjohn (Mar 17)
    - Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
    - Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
    - Re: Qscan in NSE: qscan.nse Ron (Mar 17)
    - Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
    - Re: Qscan in NSE: qscan.nse Ron (Mar 18)
    - Re: Qscan in NSE: qscan.nse Fyodor (Mar 20)

(Thread continues...)