nmap -vv -n -sP -PT80 x.x.x.x
The above command from any linux/solaris/bsd host capable of doing nmap from command line would accomplish a scan on the targeted host with the ip address denoted by x.x.x.x and would find out if it is listening on tcp port 80, for instance. The scan process could take a long time if you chose to scan all 65335 ports.
The following command could also accomplish scan of a range of ip address by means of a simple ping scanning:
nmap -vv -n -sP x.x.x.x/yy
Once you know which hosts are up, just use nessus to do vulnerability scanning of hosts that are up.
Hope this helps.
S
----- Original Message ----- From: <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Saturday, January 29, 2005 2:34 PM
Subject: ping before scan of the host
Dear scanners, I have to scan a range of IP's automatically (via commandline) e.g. 10.1.2.0/16.
And I really do not know, which IP's are online. I want to prevent my scan from taking hours or days because of waiting for timeouts....
I read about switching off the nmap portscans inside Nessus because of timing problems.
So I think about doing a ping before scanning each of the boxes.
Can this ping being done inside the Nessus scan? If yes, what is to do? OR Is it better to
first do a nmap-ping-scan > file_of_IP_alive then do the nmap-scan with [file_of_IP_alive] as input ?
would be nice to get a hint. Thank you all.
-- NCSISU Non Certified Security Information Systems User
GMX im TV ... Die Gedanken sind frei ... Schon gesehen? Jetzt Spot online ansehen: http://www.gmx.net/de/go/tv-spot _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
