RE: Advice on Fastest NMAP Scan

From: Andy Cuff (AndyCuff_at_securitywizardry.com)
Date: 10/27/04

  • Next message: Kluge: "Re: Is this normal?" 
    To: "'Mogren, Jack L.'" <mogren@mayo.edu>, <security-basics@securityfocus.com>
Date: Wed, 27 Oct 2004 18:51:22 +0100

    Jack,
    If you are scanning networks where bandwidth is an issue you may wish to
    consider the use of a packet shaping tool in addition to the nmap parameters
    to restrict speed, this will prevent you DOSing yourself. (been there, done
    that, got shouted at)

       Regards
       -andy cuff
    The Talisker Network Security Portal
    http://securitywizardry.com
    Computer Network Defence Ltd

    -----Original Message-----
    From: Mogren, Jack L. [mailto:mogren@mayo.edu]
    Sent: 26 October 2004 15:59
    To: 'security-basics@securityfocus.com'
    Subject: Advice on Fastest NMAP Scan

     
    Hi,
      I want to use NMAP to perform a network inventory on our network. We have
    over 75,000 networked devices. The address ranges include one class B,
    several class Cs, and the entire private address space. That's a lot of
    addresses to scan and I expect it to take a long time. I'm looking for
    advice on what options one might use to create the fastest NMAP scan. I'm
    only interested in finding our each devices OS and open services. Here's
    what I've come up with so far.

    nmap -O -T4 -PE -F --osscan_limit -oX /home/security/test.xml -iL
    /home/security/ip_addresses.txt

      Any comments or suggestions?

    Also, has anyone had luck importing a NMAP-generated XML file into MS
    Access? When I do so, it creates the tables, but the fields are blank. No
    data.

    Thanks,

    Jack Mogren
    Mayo Clinic
    Foundation Information Security Office
      

    ---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.782 / Virus Database: 528 - Release Date: 22/10/2004
 
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.782 / Virus Database: 528 - Release Date: 22/10/2004
  • Next message: Kluge: "Re: Is this normal?"

    Relevant Pages

    • RE: Nmap output
      ... Try using Nlog. ... NLog is a set of PERL scripts for managing and analyzing your nmap 2.0+ ... web based service gateway to an internal network. ...
      (Pen-Test)
    • Re: Scanning Class A network
      ... About point 2, i recommend you Nmap... ... >network to identify hosts and ports exposed to the Internet. ... >Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)
    • Re: Advice on Fastest NMAP Scan
      ... Good to see you on here Fyodor. ... make sure that you are using Nmap 3.75. ... or just a local network? ... > shouldn't be any problem at all for regular scanning. ...
      (Security-Basics)
    • Re: Scanning hosts behind a NAT
      ... I'm a student and I'm trying to learn how nmap does its job. ... Today, for example, I tried to scan my home network )... ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ... FREE 30-Day Trial of Spy Sweeper Enterprise ...
      (Security-Basics)
    • RE: generating a network map
      ... You could use Etherape with a network discovery tool like Nmap. ... but the topology won't be correct I don't think. ...
      (Pen-Test)