Re: Does nmap support IPv6 ranges now?
>>>>> Michelle Konzack <linux4michelle@tamay-dogan.net> writes:
[…]
> Starting Nmap 5.00 ( http://nmap.org ) at 2012-08-18 20:24 CEST
> Invalid host expression: 2a01:4f8:d12:1300:0:0:0:0/64 -- slash not allowed. IPv6 addresses can currently only be specified individually
> QUITTING!
It's the same for nmap 6.00-0.1 currently in Wheezy:
$ nmap -6 2001:db8::/64
Starting Nmap 6.00 ( http://nmap.org ) at 2012-08-18 20:07 UTC
Invalid host expression: 2001:db8::/64 -- slash not allowed. IPv6 addresses can currently only be specified individually
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.10 seconds
$
[…]
> Any suggestions how to make a "discover" on a whole network?
> Scanning single IPs takes forever and is no option...
> However, I have to scan networks like
> 2a01:4f8:d12:1300:0:0:0:RANGE
> 2a01:4f8:d12:1300:0:0:1:RANGE
> 2a01:4f8:d12:1300:0:0:2:RANGE
> which mean, only /112 ranges.
I don't know why exactly the Nmap developers have omitted the
“range” support for IPv6, but it was my understanding that to
scan a range one effectively has to scan every single address of
that range, and a /112 network already has some 65536 of those!
With or without range support in Nmap, that is likely to take a
lot of time.
As for the options, a simplistic GNU Awk script can be used to
enumerate all the addresses in a range (unfortunately, an even
simpler seq(1) doesn't fit here), like:
$ gawk 'BEGIN {
for (i = 0; i <= 0xffff; i++) { printf("2001:db8::1:%x\n", i); }
}'
Such a list may then be fed into one (or more) nmap(1)
instances, like:
$ gawk 'BEGIN {
for (i = 0; i <= 0xffff; i++) { printf("2001:db8::1:%x\0", i); }
}' \
| xargs -r0 -L16 -- nmap -6 --
Please note that I've changed the \n in printf() above to \0 in
order to use a more robust $ xargs -0 variant.
OTOH, I'd suggest trying to use tcpdump(8) (or a similar tool)
to get the addresses of the active IPv6 hosts in the network,
then applying Nmap to those. On a network with working IPv6
autoconfiguration (and thus some 2⁴⁸ addresses, based on EUI-48)
it seems like the only choice.
--
FSF associate member #7257 http://sf-day.org/ news:comp.unix.shell
Reply to: