Re: [RFC] Should --open override -v?

[Fyodor <fyodor () nmap org>]

On Fri, Feb 7, 2014 at 2:14 PM, Daniel Miller <bonsaiviking () gmail com>wrote:

> List,
>
> A user on IRC was looking for a way to avoid showing "down" hosts in his
> output. The standard answer, `--open`, didn't work in this case because he
> was doing a `-sn` scan and using `-v`. I think perhaps `--open` should
> override `-v` in this case, instead of the other way around. Here's a table
> of when down hosts are shown:

Thanks for making the suggestion.  That seems reasonable to me.  As you
note in your table, we already do exclude down hosts when --open is used
normally (e.g. with a port scan).  Using --open with a ping scan is kind of
bizarre, but this change shouldn't hurt anything and is arguably more
consistent as you note.

Of course the standard answer to skipping down hosts is to omit the -v
option.  But in this case, I imagine that -v provides some other
information he needs.  If this is found to be a common need, a cleaner
approach would probably be to add a special flag (e.g. --skip-down) to skip
down hosts.  But unless/until we see enough demand for that, this "-sn
--open" change seems like a reasonable one for an obscure need like this.
And it has the benefit of only changing one line :).

Cheers,
Fyodor
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/