Nmap Development mailing list archives
Re: Feature request list all IP addresses of a host name
From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 29 Apr 2010 10:56:04 -0500
On Thu, 29 Apr 2010 10:34:09 -0500 Ron <ron () skullsecurity net> wrote:
It seems to me, the way Nmap currently works, you're missing potentially important data. If the same hostname points to multiple addresses, and the different addresses have different configurations, or one is compromised, then you're basically closing your eyes and taking a shot in the dark. The next time you scan the same address, you aren't necessarily scanning the same machine. In other words, the current method of only scanning the first ip address is likely missing things, and is also non-deterministic.
Agreed.
I would personally advocate scanning all addresses (or the first x for a reasonable value of x (16?) with a warning if there are too many) by default, and giving options to scan one or all. I realize the issues with changing the output for sysadmins, but I think they'd rather go "holy crap, we have a Trojan on one of our 10 servers!?" than "hmm, looks fine to me!"
However, I still disagree here. Having the ability to scan multiple IPs retrieved for a domain does sound (very) useful at times but doesn't sound like good default behavior. Sysadmins can still get that "holy crap" moment by using an additional command argument, so thrusting this behavior upon everyone by default doesn't gain anything. It's just that specifying one target on the command line but having several get scanned by default doesn't seem right. Use an argument for this behavior since it can be surprising otherwise. Nmap already tells you there are multiple IPs for a domain, so you're not left in the dark. Cheers, Kris Katterjohn
Attachment:
signature.asc
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Feature request list all IP addresses of a host name Derek (Apr 28)
- Re: Feature request list all IP addresses of a host name David Fifield (Apr 28)
- Re: Feature request list all IP addresses of a host name kafansi () gmail com (Apr 28)
- Re: Feature request list all IP addresses of a host name Fyodor (Apr 28)
- Re: Feature request list all IP addresses of a host name Djalal Harouni (Apr 29)
- Re: Feature request list all IP addresses of a host name Luis MartinGarcia. (Apr 29)
- Re: Feature request list all IP addresses of a host name Djalal Harouni (Apr 29)
- Re: Feature request list all IP addresses of a host name Kris Katterjohn (Apr 29)
- Re: Feature request list all IP addresses of a host name Ron (Apr 29)
- Re: Feature request list all IP addresses of a host name Kris Katterjohn (Apr 29)
- Re: Feature request list all IP addresses of a host name Rob Nicholls (Apr 29)
- Re: Duplicate IPs in hostgroup (was: Feature request list all IP addresses of a host name) Fyodor (Apr 29)
- Re: Duplicate IPs in hostgroup (was: Feature request list all IP addresses of a host name) David Fifield (Jun 15)
- Re: Duplicate IPs in hostgroup (was: Feature request list all IP addresses of a host name) David Fifield (Jun 25)
- Re: Feature request list all IP addresses of a host name Ron (Apr 29)
- RE: [BULK] Re: Feature request list all IP addresses of a host name Norris Carden (Apr 30)
- Re: Feature request list all IP addresses of a host name David Fifield (Apr 28)
- Re: Feature request list all IP addresses of a host name Djalal Harouni (Apr 29)
- Re: Feature request list all IP addresses of a host name jah (Apr 29)
- Re: Feature request list all IP addresses of a host name David Fifield (May 11)