Nmap Development mailing list archives
Question on --version-intensity and -sR interaction
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 4 Mar 2011 11:37:44 -0600
Hey list, The nmap man page states that RPC scan (-sR) is "automatically enabled as part of version scan (-sV) if you request that." The --version-intensity option lets you choose how unusual the probes are that get sent to each port that is found open. As I read it, there are 3 possibilities: 1. RPC scan is conducted every time -sV is used, regardless of --version-intensity 2. RPC scan is not conducted if --version-intensity is specified 3. RPC scan is conducted for --version-intensity values above some level (e.g. 7 or higher) Since I have run into custom services that crash on certain probes, I would like a way to guarantee that only the explicit probes for each port are run, and no RPC scan. I thought this would be the way to do it: nmap -sV --version-intensity 0 example.com But I am no longer sure. Any ideas? Dan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Question on --version-intensity and -sR interaction Daniel Miller (Mar 04)
- Re: Question on --version-intensity and -sR interaction Fyodor (Mar 04)
- Re: Question on --version-intensity and -sR interaction Daniel Miller (Mar 04)
- Re: Question on --version-intensity and -sR interaction Fyodor (Mar 04)
- Re: Question on --version-intensity and -sR interaction David Fifield (Mar 12)
- Re: Question on --version-intensity and -sR interaction Daniel Miller (Mar 12)
- Re: Question on --version-intensity and -sR interaction David Fifield (Mar 12)
- Re: Question on --version-intensity and -sR interaction Daniel Miller (Mar 04)
- Re: Question on --version-intensity and -sR interaction Fyodor (Mar 04)