From e9ea425f12d4b5483a17e117b8e02eb91ada3e87 Mon Sep 17 00:00:00 2001 From: dmiller Date: Thu, 16 May 2024 19:31:48 +0000 Subject: [PATCH] Update docs for parallel forward-DNS lookups. --- CHANGELOG | 8 ++++++++ docs/refguide.xml | 21 ++++++++++----------- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 6df01a057..39d9d81ca 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,13 @@ #Nmap Changelog ($Id$); -*-text-*- +o [GH#1451] Nmap now performs forward DNS lookups in parallel, using the same + engine that has been reliably performing reverse-DNS lookups for nearly a + decade. Scanning large lists of hostnames is now enormously faster and avoids + the unresponsive wait for blocking system calls, so progress stats can be + shown. In testing, resolving 1 million website names to both IPv4 and IPv6 + took just over an hour. The previous system took 49 hours for the same data + set! [Daniel Miller] + Nmap 7.95 [2024-04-23] o Integrated over 4,000 of your IPv4 OS fingerprints. Added 336 signatures, diff --git a/docs/refguide.xml b/docs/refguide.xml index f05499957..4384bf276 100644 --- a/docs/refguide.xml +++ b/docs/refguide.xml @@ -330,7 +330,7 @@ you would expect. - (No DNS resolution) + (No reverse DNS resolution) @@ -345,7 +345,7 @@ you would expect. - (DNS resolution for all targets) + (Reverse DNS resolution for all targets) @@ -392,15 +392,14 @@ you would expect. - By default, Nmap reverse-resolves IP addresses by sending + By default, Nmap resolves names to IP addresses (and IP addresses to names) by sending queries directly to the name servers configured on your host - and then listening for responses. Many requests (often + and then listening for responses. Many requests (often dozens) are performed in parallel to improve performance. Specify this option to use your system resolver instead (one IP at a time via the getnameinfo call). This is slower and rarely useful unless you find a bug in the Nmap parallel - resolver (please let us know if you do). The system - resolver is always used for forward lookups (getting an IP address from a hostname). + resolver (please let us know if you do). @@ -408,13 +407,13 @@ you would expect. (Servers to use for reverse DNS queries) + (Servers to use for DNS queries) By default, Nmap determines your DNS servers - (for rDNS resolution) from your resolv.conf file (Unix) or + from your resolv.conf file (Unix) or the Registry (Win32). Alternatively, you may use this option to specify alternate servers. This option is not honored if you are using . @@ -426,7 +425,7 @@ you would expect. This option also comes in handy when scanning private networks. Sometimes only a few name servers provide - proper rDNS information, and you may not even know where + proper DNS information, and you may not even know where they are. You can scan the network for port 53 (perhaps with version detection), then try Nmap list scans () specifying each name server one at a @@ -437,8 +436,8 @@ you would expect. exceeds the size of a UDP packet. In such a situation our DNS resolver will make the best effort to extract a response from the truncated packet, and if not successful it will fall back to - using the system resolver. Also, responses that contain CNAME aliases - will fall back to the system resolver. + using the system resolver. +