Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPv6 ranges

From: Xu Weilin <mzweilin () gmail com>
Date: Thu, 23 Jun 2011 09:46:37 +0800
Yes, it's reasonable to implement IPv6 ranges first. I forgot that we hadn't
implement the basic parsing of IPv6 CIDR before.

Now I should spend some time on learning NSE script.

On Thu, Jun 23, 2011 at 8:16 AM, David Fifield <david () bamsoftware com>wrote:


Weilin,

I think that we must implement IPv6 ranges before doing multicast host
discovery. The reason for this is that I think it only makes sense to
use multicast when dealing with a whole network.

Currently Nmap's model is to parse the command-line host specifications,
return one host at a time (see TargetGroup::get_next_host), and then
feed those (4096 at a time) into ping scan. We need to change that, so
that we can feed an entire block like fe80::/64 into ping scan when
appropriate, without enumerating 2^64 addresses.

Colin has done the first steps towards this model. Please see the code
in nbase/nbase_addrset.c. This code can store IPv4 ranges and IPv6
networks with netmasks, without using very much space. We already use
this new code for Nmap's --exclude option.

The addrset code does not yet support iteration over members. We need to
make it do that, but it must be capable of returning entire blocks when
asked. For example, given the address specifications
       ::1 fe80::/64 1:2:3::4:5:6 scanmev6.nmap.org/112
the iteration would return the single host ::1, the network fe80::/64,
the single host 1:2:3::4:5:6, and the network
2600:3c01::f03c:91ff:fe93:cd19/112. The next higher level would see:
       * ::1 as a localhost address (and not ping it),
       * fe80::/64 as a local network (and do multicast ping on it),
       * 1:2:3::4:5:6 as a single IP address (and do unicast ping on it),
and
       * 2600:3c01::f03c:91ff:fe93:cd19/112 as a remote network (which it
         would then further iterate into 256 unicast hosts).

I want to suggest that you first implement these multicast host
discovery probes in an NSE script. It would look like this:
       nmap -6 --script=ipv6-multicast --script-args=newtargets
The ipv6-multicast.nse script would send all the multicast probes we
know of, and wait for replies. It would then add them to the Nmap
scanning queue with the target.add function:
       http://nmap.org/nsedoc/lib/target.html#add
This way we can make progress on multicast discovery without needing all
the details of figuring out when to do multicast versus unicast. Who
knows, maybe NSE is the best way to implement this anyway.

David Fifield





-- 
Regards
Xu Weilin 许伟林
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: