Nmap Development mailing list archives
Suggestion for NMAP
From: Dave Horsfall <dave () horsfall org>
Date: Sat, 4 Oct 2014 08:22:13 +1000 (EST)
(Archives searched, and nothing relevant) I've been using NMAP for many years now and I've started using it for monitoring open-but-unused ports e.g. an exposed server with no HTTP listener etc. Is there a way to timestamp the connections? The "-v" flag doesn't do it, and I can't find any other flag. Version here is 5.50 on FreeBSD (I need to update) and 6.01 on OS/X. If there is no flag then I'll grab the source and submit a patch. Another idea is a fake client for SMTP/SSH/HTTP etc; accept the connection then go through the minimal dialogue necessary to establish information about the remote end before dropping it. E.g. for SMTP it would be something like: <-- Connect --> log, and Banner <-- HELO --> log, and reply <-- MAIL FROM=<...> --> log, and OK <-- RCPT TO=<...> --> log, and OK <-- DATA --> reject and drop Similarly for SSH and HTTP etc. Thanks for a wonderful program. -- Dave _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Suggestion for NMAP Dave Horsfall (Oct 03)
- Re: Suggestion for NMAP Daniel Miller (Oct 04)
- Re: Suggestion for NMAP Dave Horsfall (Oct 04)
- Re: Suggestion for NMAP Daniel Miller (Oct 04)