Nmap Development mailing list archives
studies/papers/etc. on getting best results w. nmap?
From: "^..^" <zenfish () gmail com>
Date: Mon, 3 Sep 2012 15:02:16 -0700
Hey folks - Have there been any studies done on the accuracy of nmap, or ways to improve the same? I've done a bit of searching but certain types of things are harder to find than others, and nmap shows up everywhere for just about any search term ;) If I've missed anything obvious, my apologies, an RTFM or link would be awesome.

I'm on a project where many of the targets are probably behind firewalls/network devices, and I've 3 very basic q's. I'd love to be pointed at any discussions or papers on any of them (or feel free to speak up with your own opinions ;) As a test I've started assigning weights to various results (e.g. closed is more closed than filtered), and it's showing at least some promise.

1) Any references on whether closed (or other results) are more open/closed than all the various outputs you can get - e.g. filtered, closed|filtered, etcetera.

2) And are there any archives/talks/papers/DBs about what individual routers/fw implementations tend to return? E.g. "cisco's tend to return closed|filtered where junipers tend to use open|filtered" or anything?

3) Purely based on my own tests over the years I believe pretty strongly that I get different results when scanning from different OS's (e.g. scanning from Linux vs. OS X, with all other factors taken under consideration), and some scans are faster - at times substantially so - on one vs. the other. Are some OS's (and/or versions within, aka 64 vs. 32 bit, or using different compilers, having more memory, whatever) seen as better nmap scanners than others? It'd be nice to be able to optimize for nmap scanning, or even some types of scanning. If there were a place to dump results of various sorts of scans I'd certainly contribute my own timings and such.

(I think this question is independent of the performance tips @ http://nmap.org/book/man-performance.html, but presumably some options there work better in some situations as well.)

Thanks for all the hard work on nmap!
dan ^..^