Nmap Development mailing list archives
Re: wide-scan?
From: "'Bradley Kite'" <bradley () deathsgate demon co uk>
Date: Mon, 10 Jun 2002 18:55:23 +0100
Dion, Well ideally I am trying to do 2 things: wide scan, and log to a postgres database. The logging is to be done serially to get around the memory requirements for storing thousands of host records, and logging direct to a database means that the data is more readily accessable and updateable, (its mainly for work so that I know if people are running unauthorised servers or been trojanded etc...) What is the scanner that you wrote called, and where can I download it if its publically available? -- Regards Bradley On Mon, Jun 10, 2002 at 10:58:39AM -0400, Dion Stempfley wrote:
From: Dion Stempfley <Dion () riptech com> To: "'Bradley Kite'" <bradley () deathsgate demon co uk>, nmap-dev () insecure org Subject: RE: wide-scan? Date: Mon, 10 Jun 2002 10:58:39 -0400 X-Mailer: Internet Mail Service (5.5.2653.19) I looked at this for a while last year. After about 3 weeks of banging my head, I decided that adding an option to nmap was too much of a change to feel comfortable about the stability and maintainability of the end product. I wrote a different scanner, stealing heavily from nmap of course:) Do you intend to finish the entire block of hosts for a specific port before moving to another port? If so, you may need to keep several thousand host records and results in memory before outputting them. You would probably lose the ability to resume a scan, since you don't have any partial output to recover from. Maybe a different output format could accommodate the change to address some of these issues, but I didn't go down that route originally. For my scanner, I decided that by changing the output to stream results instead of reporting by host, I would reduce the overall memory requirements. Good luck, Dion-----Original Message----- From: Bradley Kite [mailto:bradley () deathsgate demon co uk] Sent: Saturday, June 08, 2002 12:44 PM To: nmap-dev () insecure org Subject: wide-scan? Hi everybody. I'm considering adding a 'wide-scan' option to nmap, so that instead of scanning all ports on each host, then moving to the next host (a deep scan) it will scan port 1 on all hosts, and then move to port 2 (well it will actually move through the user-supplied port list but you get my meaning...) I think that it will provide increased paralellism(?) when scanning a lot of hosts with paranoid (-T) timing options because while you are waiting, you can scan other hosts. The down side is that it will require a lot more memory, but you can get around this by reducing the number of ports you want to scan. Comments/Suggestions requested. Regards -- Bradley. pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc
-- Software Developer/Data Management Specialist Alchemetics Ltd, http://www.alchemetrics.co.uk pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc
Attachment:
_bin
Description:
Current thread:
- wide-scan? Bradley Kite (Jun 08)
- <Possible follow-ups>
- RE: wide-scan? Dion Stempfley (Jun 10)
- Re: wide-scan? 'Bradley Kite' (Jun 10)
- RE: wide-scan? Dion Stempfley (Jun 13)