i was wondering this very thing. i watched a video at purehates blog, and it shows him using netdiscovery tool on BT3, well BT4 does not have that same tool. i was hoping that i could write my own script that uses nmap commands to basically find just alive hosts. Im assuming this netdiscovery tool was a auto script for nmap..

lol, nope not the GUI. it runs it in a shell. He uses it in his de-ice 1.100 part one video. its in the same folder as autoscan but its called netdiscovery..

as per your other post, im not at all familur with nmap except nmap -sV. hahaha. i just barely started learning bout this stuff. However i do like some of the options that nmap can supposedly do. I wanna test it against my IDS and see if it flags it.

at first i missed netdiscovery also in the new BT4, but good alternatives are available like autscan. remember that nmap can search subnets just as easy with the ip.address/<subnet number) tag! this provides a list with all computers that are responding/up.

nmap is GREAT! no reason not to use it, ever! just remember to always double check your findings, so using another tool is always recommended!

I can think of one to not use NMAP. If you have to go through a 2-wire system, and not in a position to control it.

I've ran nmap from home a couple of times, while at work, against the external ip addresses for work. Usually, to make sure I didn't mess up the firewall configuration for inbound traffic on the IP. (I limit ports both in and out of the company).

The times, I've done it, the system at home has shut down the Network and TV. It claims to have found a router behind the 2-wire router, and puts the computer I do remote work with into a DMZ.

Usually stays broken, and leaves my computer accessible to the world, until I get home. The other systems on the network don't work either.

It would be an interesting DOS attack to try in a pen-test, if the test called for it.