Nmap Announce mailing list archives

Re: distributed nmap?


From: Thomas Reinke <reinke () e-softinc com>
Date: Sat, 18 Mar 2000 11:25:48 -0500



Lorell Hathcock wrote:

> Greetings!
>
> I understand that in version 2.0 of nmap, nmap will run parallel processes
> or scans simultaneously.  Has anyone done any work with a nmap scan from a
> distributed set of servers?  What are the pros and cons of such an approach?
>
> It seems like a few of the pros would be a faster scan is possible of
> larger networks.  Also, it seems a scan could be done more "stealthily" if
> a broad set of servers were brought to bear on it.  It would look like a
> decoy attack when in fact it wasn't.
>
> Some of the cons are that it could be difficult to distribute commands to
> each of the member servers and to recombine the results of the scan.


We've scoped out something very similar to what you're describing.
Essentially, we've laid out nmap as a "service" on Unix, accepting
a very specific set of input parameters, and generating a very
specific set of output parameters (essentially its log file plus
some added tidbits of info).  Then, a master "controller" simply
hands off requests to the various servers running these services
and waits for the response.  It results in a scalable architecture,
in the sense that if you want another system in your network,
you just drop in this 'service' and add the IP of the service
to the master controller.

Cheers, Thomas

> Any thoughts?
>
> Thanks!
>
> Lorell Hathcock


-- 
------------------------------------------------------------
Thomas Reinke                            Tel: (905) 331-2260
Director of Technology                   Fax: (905) 331-2504
E-Soft Inc.                         http://www.e-softinc.com
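
The controller side of the design described in the message above, shown as an added example that is not part of the original post and is not E-Soft's code: it splits an authorized target range across scan workers and recombines their logs, discarding results for hosts a worker was never assigned and listing hosts nobody reported on. It assumes each worker returns nmap's grepable (`-oG`) output; the worker names and sample logs are constructed.

```python
import ipaddress
from collections import defaultdict

def partition(cidr, workers):
    """Split a network's hosts into contiguous chunks, one per worker."""
    hosts = [str(h) for h in ipaddress.ip_network(cidr).hosts()]
    size = -(-len(hosts) // len(workers))  # ceiling division
    return {w: hosts[i * size:(i + 1) * size] for i, w in enumerate(workers)}

def parse_grepable(text):
    """Yield (host, port, proto, state) from 'Ports:' lines of nmap -oG output."""
    for line in text.splitlines():
        if not line.startswith("Host: ") or "Ports: " not in line:
            continue
        host = line.split()[1]
        ports = line.split("Ports: ", 1)[1].split("\t", 1)[0]
        for entry in ports.split(","):
            f = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(f) >= 3 and f[0].isdigit():
                yield host, int(f[0]), f[2], f[1]

def merge(assignments, outputs):
    """Recombine worker logs; drop results for hosts a worker was not assigned."""
    open_ports, rejected, reported = defaultdict(set), set(), set()
    for worker, text in outputs.items():
        allowed = set(assignments.get(worker, []))
        for host, port, proto, state in parse_grepable(text):
            if host not in allowed:
                rejected.add((worker, host))
                continue
            reported.add(host)
            if state == "open":
                open_ports[host].add((port, proto))
    assigned = {h for hosts in assignments.values() for h in hosts}
    unreported = sorted(assigned - reported, key=ipaddress.ip_address)
    return dict(open_ports), sorted(rejected), unreported

# Constructed sample: hypothetical worker names, RFC 5737 documentation addresses.
WORKERS = ["scan-a", "scan-b"]
SAMPLE_OUTPUTS = {
    "scan-a": "Host: 192.0.2.1 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///\n"
              "Host: 192.0.2.2 ()\tPorts: 25/closed/tcp//smtp///\n",
    "scan-b": "Host: 192.0.2.4 ()\tPorts: 443/open/tcp//https///\n"
              "Host: 192.0.2.1 ()\tPorts: 23/open/tcp//telnet///\n",  # not scan-b's host
}

if __name__ == "__main__":
    plan = partition("192.0.2.0/29", WORKERS)
    found, rejected, unreported = merge(plan, SAMPLE_OUTPUTS)
    print(found, rejected, unreported)
```

A host in the unreported list may simply be down, or its worker may have failed; the controller cannot tell the two apart from the log alone.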

