To get nmap results, one has to wait for the end of the scan.
How can I force nmap to gradually display the newly found hosts and open ports while it is running?
I have a simple method that I am using on four subnets to determine which registered IPs are actually up and active, and which ones can be removed.
Initially, I iterate through the list of domain names with this command:
sudo nmap -sS -O -v -oN $filename $name
$filename is my output file for that IP and $name is the domain name that was read in.
From that command, for all IPs that reported 'host down', I run this command:
sudo nmap -Pn -sS -O -v -oN $filename $name
Note that the only difference here is that I am now assuming the host is up, just to see what comes back.
In all the cases I've seen thus far, however, all the ports that are scanned are filtered, and since the host is assumed to be up, I don't have a way to verify that it actually is up after this second scan is run.
Any other ideas?
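As an added example (not part of the original post), the script below triages the -oN output files from the two scans described above, separating hosts that actually replied from hosts that nmap only assumed were up because of -Pn. The sample files, host name and address are constructed and trimmed; the function names are illustrative.

```shell
#!/bin/sh
# Added example: triage nmap -oN files from the two-pass scan described above.
# classify_scan FILE prints: down | up | inconclusive | unknown
classify_scan() {
    f=$1
    # Footer summary line: no host answered host discovery.
    if grep -q '(0 hosts up)' "$f"; then echo down; return; fi
    grep -Eq '\([1-9][0-9]* hosts? up\)' "$f" || { echo unknown; return; }
    # The header line records the command line. Without -Pn, "up" means
    # the host really answered a discovery probe.
    if ! grep -Eq '^# Nmap .* as: .* -Pn( |$)' "$f"; then echo up; return; fi
    # With -Pn the host is assumed up, so require a port that replied.
    if grep -Eq '^[0-9]+/(tcp|udp) +(open|closed) ' "$f"; then
        echo up
    else
        echo inconclusive
    fi
}

# Constructed, trimmed sample files (not real scan results).
make_samples() {
    dir=$(mktemp -d)
    cat > "$dir/pass1_down.nmap" <<'EOF'
# Nmap 7.80 scan initiated Mon Jan  1 10:00:00 2024 as: nmap -sS -O -v -oN pass1_down.nmap a.example.test
# Nmap done at Mon Jan  1 10:00:03 2024 -- 1 IP address (0 hosts up) scanned in 3.05 seconds
EOF
    cat > "$dir/pn_filtered.nmap" <<'EOF'
# Nmap 7.80 scan initiated Mon Jan  1 10:01:00 2024 as: nmap -Pn -sS -O -v -oN pn_filtered.nmap a.example.test
Nmap scan report for a.example.test (192.0.2.10)
Host is up.
All 1000 scanned ports on a.example.test (192.0.2.10) are filtered
# Nmap done at Mon Jan  1 10:04:21 2024 -- 1 IP address (1 host up) scanned in 201.30 seconds
EOF
    cat > "$dir/pn_closed.nmap" <<'EOF'
# Nmap 7.80 scan initiated Mon Jan  1 10:05:00 2024 as: nmap -Pn -sS -O -v -oN pn_closed.nmap b.example.test
Nmap scan report for b.example.test (192.0.2.11)
Host is up (0.012s latency).
PORT    STATE  SERVICE
113/tcp closed ident
# Nmap done at Mon Jan  1 10:05:09 2024 -- 1 IP address (1 host up) scanned in 9.40 seconds
EOF
    echo "$dir"
}

samples=$(make_samples)
for s in "$samples"/*.nmap; do
    printf '%s: %s\n' "${s##*/}" "$(classify_scan "$s")"
done
rm -rf "$samples"
```

A result of "inconclusive" means the -Pn scan produced no evidence either way, so confirming the address is unused needs another source such as ARP tables or DHCP leases.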
Under IPv4, I often use nmap to scan my entire IP range to identify newly-connected devices and update my documentation, track down and shut off things that don't belong on the network, etc. I even have tools that do this automatically, for instance my AV software scans a defined IP range and then installs AV software on anything it can see in that range.
That's going to be infeasible under IPv6, as I will go from scanning a few thousand IP addresses to many quintillions.
What will the alternative be? Will routers/switches be able to report what IPv6 addresses they've seen lately so I can port scan everything on the network? That's the only approach I can see, but I expect that SF will have more and better ideas.
I'm trying to install and run the nmap tool to test my server, but it keeps saying
Note: Host seems down. If it is really up, but blocking our ping probes, try -P0
and showing all the server ports are closed. Which is not true - the server is up and has lots of open ports. Any ideas?
UPDATE: Just to clarify - the server can be pinged and port-scanned fine by other programs. It's just nmap that does not work. Even "google.com" seems to be down for nmap.
I'm setting up a periodic port scan and vulnerability scan for a medium-sized network implementing a customer-facing web application. The hosts run CentOS 5.4.
I've used tools like Nmap and OpenVAS, but our firewall rules have special cases for connections originating from our own facilities and servers, so really the scan should be done from the outside.
Rather than setting up a VPS or EC2 server and configuring it with various tools, it seems like this could just be contracted out to a port and vulnerability scanning service. If they do it professionally they may be more up to date than something I set up and let run for a year...
Any recommendations or experience doing this?