Nmap Development mailing list archives
Review: Angry IP Scanner
From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Fri, 6 Jun 2008 02:27:45 +0530
Hey everyone, Fyodor wanted me to do a bit of a review of the Angry IP Scanner[1]: It's a GUI-based Java program that, in its newest generation, is cross-platform (should work on at least Windows, Linux and OS X). I've tested it on Windows and Linux. It didn't need any installing on Windows; it's just a single binary (950k). On Linux I used their .deb package. The IP Scanner does ping sweeps and some port scanning. TCP and UDP aren't raw because the author wants to make clear that it's not a so-called "hacktool". A big design difference between Nmap and the IP Scanner is that the IP Scanner is multi-threaded instead of doing I/O multiplexing with select(). You can choose a maximum number of threads for it to run at a time (it uses one for *every* host). For host specification it can take a range (you give start and end addresses), or you can specify a netmask in address form (e.g. 255.255.255.0) or CIDR notation (e.g. /24) and it will set the end address based on the start and netmask. It can also read from a file, or produce random addresses. What's cool about their random address generator is that you give it a maximum number of addresses to produce, a base IP, and a netmask to narrow down the scope (give it 0.0.0.0 to behave like Nmap). It doesn't avoid reserved IPs like Nmap does, however. It doesn't seem to support IPv6, but it doesn't stop a scan from going with an IPv6 address. It can do TCP, UDP or ICMP pings, except of course on XP SP2 the ICMP ping won't work due to broken raw sockets. When doing a raw ICMP ping, instead of waiting for a timeout and retransmitting packets, it seems to send out a set (though configurable) number of probes out at the same time. For port scanning, it can take a range of ports much like Nmap (e.g. 1-3,5,7,10-15,6000-6010). The TCP ping and port scanning seems to be broken on Linux. When I use a TCP ping probe, it reports every host as up. When I use a working ping probe (e.g. ICMP), and do a TCP port scan, it reports virtually every host has having at least one open port (and hences changes the host's state). Since TCP has to be through connect() and it has to create a new thread for every host, scans can be slow. Doing the same scan with the IP Scanner and Nmap with the default timing options as an unprivileged user (hence doing connect()), Nmap is usually *at least* twice as fast as the IP Scanner. The IP Scanner hasn't been able to beat Nmap in accuracy or speed in any tests I've tried. After a scan is finished, you can use what's called an "opener" to start a session with a selected IP. You can setup different command strings and it will open up things like a FTP, Telnet, or HTTP session. If the TCP ping and port scanning didn't seem to be broken on Linux, and if raw sockets weren't broken on the Windows I have available, this could be a pretty nice little scanner. It doesn't need installing on Windows and it has a cross-platform GUI. But it doesn't seem to offer much that Nmap doesn't already have in some way or another. One thing I do like about it is the ability to narrow down the random IP generation to a given base IP and netmask. This may not be easy to implement in Nmap (since a user may or may not want a reserved IP, and the random IP generation code would have to be changed to allow for this), and probably not worth it. For example, if you wanted random IPs in the range of 192.*.*.*, should 192.168 be chosen or not? It's still pretty cool, though. Thanks, Kris Katterjohn [1] http://www.angryziber.com/w/Home _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Review: Angry IP Scanner Kris Katterjohn (Jun 05)
- Re: Review: Angry IP Scanner doug (Jun 05)
- Re: Review: Angry IP Scanner Fyodor (Jun 05)
- Re: Review: Angry IP Scanner Brandon Enright (Jun 05)
- Re: Review: Angry IP Scanner doug (Jun 06)
- Re: Review: Angry IP Scanner bensonk (Jun 06)
- Re: Review: Angry IP Scanner Brandon Enright (Jun 06)
- Re: Review: Angry IP Scanner doug (Jun 06)
- Re: Review: Angry IP Scanner doug (Jun 06)