Nmap Development mailing list archives

Re: multiple nmap processes on same ip


From: KarMax <karmax () gmail com>
Date: Thu, 11 May 2006 21:26:34 +0000

On 5/11/06, Simon <simon.xhz () gmail com> wrote:
  There will be a php interface that will sort out and display the
nmap information as it arrives (using server_push rather than
auto-refresh).


Take a look at the xml output, you probably want that.

  So my question is this, is there an impact on running different nmap
scans on the same ip address with different (or sometimes possibly
repeated) options?

I don't see the point...
You can work a little with some scripting and nmap options. If you are
running two times the same scan on the same host you are doing
something wrong (except if you are looking for changes).
I.e. you can do a host discovery and if the host seems to be up (tcp
ping, icmp... you have a lot of ways to check that) then you can do
different types of scan. You can do an ACK scan, an XMAS and SYN
scans and then put all the data together (you can automate that
process, so you can have filtered, open and closed results to draw
your own conclusions).

BTW you _MUST_ think like the target host admin... more if you need to
be precise, because some scans can give you wrong results because you
are being firewalled or something like that.

Take a look at the manual, there are some useful options like:
min-rtt-timeout / max-rtt-timeout
-n
osscan-*
min-hostgroup/max-hostgroup
version-*
min-parallelism/max-parallelism
max-retries
host-timeout
scan-delay

It's important to be careful when you play with these options to avoid
wrong results.
Also if you take some time working on these options you will increase
your precision and speed (the speed increase will be amazing).

This info is important when you want to scan each host; if you want to do
host discovery:
man nmap | grep discovery
Also you can try changing source port or other techniques to bypass
firewall rules.

Thanks for the OS fingerprinting (also I believe it will not disclose
info of your LAN, don't worry :)

Good bye

-- 
Gonzalo Martinez
Jabber: KarMax () jabber org
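
The approach suggested in the message above (use the XML output, run different scan types once each, then put the data together), as an added example that is not part of the original post. The sample reports are constructed and trimmed to the elements read here; the function names and the 192.0.2.10 address are assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

def report(scan_type, port_states):
    """Build a constructed, trimmed nmap XML report (sample data, not a real scan)."""
    ports = "".join(
        f'<port protocol="tcp" portid="{p}"><state state="{s}"/></port>'
        for p, s in port_states.items())
    return (f'<nmaprun><scaninfo type="{scan_type}" protocol="tcp"/>'
            '<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>'
            f'<ports>{ports}</ports></host></nmaprun>')

SAMPLES = [  # one report per scan type, as saved with XML output
    report("syn", {22: "open", 80: "filtered", 443: "closed"}),
    report("ack", {22: "unfiltered", 80: "filtered", 443: "unfiltered"}),
    report("xmas", {22: "open|filtered", 80: "filtered", 443: "closed"}),
]

def parse_report(xml_text):
    """Return (scan_type, {(addr, proto, port): state}) for hosts reported up."""
    root = ET.fromstring(xml_text)
    scan_type = root.find("scaninfo").get("type")
    states = {}
    for host in root.iter("host"):
        if host.find("status[@state='up']") is None:
            continue  # skip hosts that discovery marked down
        addr = host.find("address").get("addr")  # first address element
        for port in host.iter("port"):  # ports folded into <extraports> are not listed
            key = (addr, port.get("protocol"), int(port.get("portid")))
            states[key] = port.find("state").get("state")
    return scan_type, states

def merge_reports(xml_texts):
    """Combine reports into {(addr, proto, port): {scan_type: state}}."""
    merged = defaultdict(dict)
    for text in xml_texts:
        scan_type, states = parse_report(text)
        for key, state in states.items():
            merged[key][scan_type] = state
    return dict(merged)

def needs_review(merged):
    """Ports where some scan saw 'filtered', so a firewall may be shaping results."""
    return sorted(k for k, v in merged.items() if "filtered" in v.values())

if __name__ == "__main__":
    merged = merge_reports(SAMPLES)
    for key in sorted(merged):
        print(key, merged[key])
    print("review:", needs_review(merged))
```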

