Nmap Announce mailing list archives
Re: distrbuted nmap?
From: Jose Nazario <jose () biocserver BIOC CWRU Edu>
Date: Tue, 21 Mar 2000 10:56:29 -0500 (EST)
On Mon, 20 Mar 2000, Lorell Hathcock wrote:
Would nmap run across the "PVM'ed" network of machines transparently?
why not?
How would one control which host in the PVM network would actually perform which scan?
you would start the daemon (ie pnmapd for parallel-nmap-daemon) on one machine and it would use PVM or some other parallel system to contact the other hosts and ensure all members were present. then it would assign tasks (ie which ports to scan), wait, collect data and make a final report (similar to the nmap report we have now). this does introduce a very interesting premise, though -- namely if the different machines have different permissions on the target. i run very liberal firewall rules, i'm always adding hosts. as such, it is conceivable that one set of scans would be from a permitted host while another would be from a not permitted host. differentiating between them in the results would be difficult if the firewall was silent (ie forged RSTs for TCP SYNs).
If granular control could be achieved, could one specify that PVM Client #1 would scan Host X on port N and that PVM Client #2 would scan Host X on port M?
as you noted in your memo, yes, they would have to be randomized, as so you could have granular control. couple random with some tweaking (ie i know this machine is within a trusted realm, so i'll ask it to do these special ports) and you got yourself a nice automated information gathering tool. jose nazario jose () biochemistry cwru edu PGP fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc
Current thread:
- Re: distrbuted nmap? Jose Nazario (Mar 20)
- Re: distrbuted nmap? Juan M. Bello Rivas (Mar 21)
- <Possible follow-ups>
- Re: distrbuted nmap? Lorell Hathcock (Mar 20)
- Re: distrbuted nmap? ajax (Mar 20)
- Re: distrbuted nmap? Jose Nazario (Mar 21)