Nmap Development mailing list archives
Re: NSE without ping or port scanning: interface ideas
From: jah <jah () zadkiel plus com>
Date: Fri, 10 Jul 2009 22:03:49 +0100
On 10/07/2009 20:40, David Fifield wrote:
> nmap -sC -sP -PN
> This is what I used in my tests. A problem is the seemingly contradictory options -sP -PN. You have to think of -sP not as "ping scan" but as "don't port scan."

I remember trying this method for this very reason - it seemed perfectly logical to me - "do a ping scan without any ping probes".

> nmap -sC -sL
> This one is nice because -sL already means "no ping or port scan." However it means that -sL is no longer a guaranteed "safe" scan that doesn't contact the targets.
> nmap -sC -PN -s0
> -s0 is a made-up option that means "don't port scan," analogous to -PN. -sN would be a better match but that is already NULL scan.
> None of these choices is compelling so I'm open to other ideas.

Perhaps a good idea, as Tom said, would be to have a "script scan exclusively" option which would at least make it less confusing for users, less difficult to implement - and easier to document.

> Another idea I'd like to solicit comments on is to allow -p to be used with -sP -sC. The port list would be a list of ports that are assumed to be open on each host, without doing a port scan. This would allow running port scripts, not just host scripts, with -sP. Assuming the ports to be open would work much the same way as -PN assumes hosts to be up.

I like this idea. I'd also like for scripts called by name to have their host/portrules automatically return true - I can imagine this might be a bit troublesome unless there was an option for "script scan exclusively", but if there were such an option it should be easy to override the return from a rule.

jah
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org