Nmap Development mailing list archives
2 ideas for NMAP, 1 open question
From: Fyodor <fyodor () insecure org>
Date: Fri, 24 May 2002 00:28:56 -0700
[ I'm redirecting this to nmap-dev since they are development comments and so that people can respond immediately without moderation hassles :) -Fyodor ]

----- Forwarded message from Lamont Granquist <lamont () scriptkiddie org> -----

Date: Fri, 24 May 2002 00:12:12 -0700 (PDT)
From: Lamont Granquist <lamont () scriptkiddie org>
To: <nmap-hackers () insecure org>
Subject: 2 ideas for NMAP, 1 open question

ARP scan.

I've noticed that this is what happens anyways when you do a TCP or ICMP scan on your local network (just think about it for a second). You could just cut to the chase and do this directly. Ideally do it massively parallel as well, so that you can do a fast local network discovery. Really NMAP should know what networks are on your local interfaces and you should be able to specify just with a couple switches that you want to do a complete local network discovery.

Libnet

I talked with Fyodor about this way back and the problem here is that many people use NMAP on non-ethernet networks. That means that if you use Libnet and link-layer output in some circumstances you need to code it very carefully so that you fall back to raw sockets in other cases. You should only extend NMAP and not break it for anyone. Also, in a lot of circumstances it should be possible to implement features both using raw sockets and link-layer output; NMAP should provide switches so the user could choose (based on architecture and version, one or the other might be broken). Libnet might make ARP scanning a lot easier to implement, and I think the link-layer output could be useful in other circumstances to play with.

I tried doing both of the above in some prototype code for a stand-alone scanner, but it needs to get rewritten and cleaned up, and I don't have the time. I definitely don't have the time to try to figure out how to get it into NMAP.

IPv6

Anyone got any ideas for how to ping sweep an entire 64-bit address space, corresponding to one network? IPv6 seems to pose some interesting challenges.

----- End forwarded message -----
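The ARP scan idea in the forwarded message, sketched as an added example (not part of the original post and not Nmap's code): deciding whether a target is on the local subnet, building the broadcast ARP request that would be sent for it, and recognising the reply. The function names and the sample addresses are assumptions; sending the frame, whether through Libnet or another link-layer interface, is left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARP_FRAME_LEN 42   /* 14-byte Ethernet header + 28-byte ARP payload */

/* 1 when target shares the interface's subnet, so it is resolved by ARP, not routed. */
int on_link(uint32_t ifaddr, uint32_t netmask, uint32_t target) {
    return (ifaddr & netmask) == (target & netmask);   /* host byte order */
}

static void put_ip(uint8_t *p, uint32_t ip) {
    p[0] = (uint8_t)(ip >> 24); p[1] = (uint8_t)(ip >> 16); p[2] = (uint8_t)(ip >> 8); p[3] = (uint8_t)ip;
}

/* Fill buf (>= ARP_FRAME_LEN bytes) with a broadcast "who-has target_ip" request. */
size_t build_arp_request(uint8_t *buf, const uint8_t src_mac[6],
                         uint32_t src_ip, uint32_t target_ip) {
    static const uint8_t fixed[8] = {0x00, 0x01, 0x08, 0x00, 6, 4, 0x00, 0x01};
    memset(buf, 0xff, 6);            /* Ethernet destination: broadcast */
    memcpy(buf + 6, src_mac, 6);     /* Ethernet source */
    buf[12] = 0x08; buf[13] = 0x06;  /* EtherType: ARP */
    memcpy(buf + 14, fixed, 8);      /* htype=Ethernet, ptype=IPv4, hlen, plen, op=request */
    memcpy(buf + 22, src_mac, 6);    /* sender hardware address */
    put_ip(buf + 28, src_ip);        /* sender protocol address */
    memset(buf + 32, 0, 6);          /* target hardware address: unknown */
    put_ip(buf + 38, target_ip);     /* target protocol address */
    return ARP_FRAME_LEN;
}

/* If f is an Ethernet/IPv4 ARP reply, copy out the sender's MAC and IP and return 1. */
int parse_arp_reply(const uint8_t *f, size_t len, uint8_t mac[6], uint32_t *ip) {
    static const uint8_t want[8] = {0x00, 0x01, 0x08, 0x00, 6, 4, 0x00, 0x02};
    if (len < ARP_FRAME_LEN) return 0;              /* truncated frame */
    if (f[12] != 0x08 || f[13] != 0x06) return 0;   /* not ARP */
    if (memcmp(f + 14, want, 8) != 0) return 0;     /* wrong types, or not a reply */
    memcpy(mac, f + 22, 6);
    *ip = (uint32_t)f[28] << 24 | (uint32_t)f[29] << 16 | (uint32_t)f[30] << 8 | f[31];
    return 1;
}

int main(void) {   /* constructed sample: 192.168.1.10/24 asking for 192.168.1.20 */
    const uint8_t mac[6] = {0x02, 0, 0, 0, 0, 0x01};
    uint8_t f[ARP_FRAME_LEN];
    size_t n = build_arp_request(f, mac, 0xC0A8010A, 0xC0A80114);
    for (size_t i = 0; i < n; i++) printf("%02x", f[i]);
    printf("\non-link: %d\n", on_link(0xC0A8010A, 0xFFFFFF00, 0xC0A80114));
    return 0;
}
```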