nmap 可以掃描/測試來自循環 dns 的所有答案嗎？

我有一個循環 dns 記錄，我想用 nmap 測試，目前它只嘗試其中一個 IP（如果我執行一個循環，它會按順序檢查每個 IP）。

有沒有辦法讓 nmap 測試來自 dns 記錄的所有 A/AAAA 記錄？

例子： nmap -p25 rr-test.jacobdevans.com

我認為沒有循環是不可能的。嘗試nping改用nmap. IPv4 範例：

$ host -t MX gmail.com | awk '{print $NF}' | xargs -I{} host -t A {} | awk '{print $NF}' | xargs -e nping -c 1 -p 25,465 | grep -P "(SENT)|(RECV)"
SENT (0.0014s) Starting TCP Handshake > 74.125.204.26:25
RECV (0.3228s) Handshake with 74.125.204.26:25 completed
SENT (1.0036s) Starting TCP Handshake > 74.125.201.26:25
RECV (1.1765s) Handshake with 74.125.201.26:25 completed
SENT (2.0065s) Starting TCP Handshake > 74.125.28.26:25
RECV (2.2137s) Handshake with 74.125.28.26:25 completed
SENT (3.0086s) Starting TCP Handshake > 173.194.222.26:25
RECV (3.0475s) Handshake with 173.194.222.26:25 completed
SENT (4.0116s) Starting TCP Handshake > 74.125.30.27:25
RECV (4.1853s) Handshake with 74.125.30.27:25 completed
SENT (5.0142s) Starting TCP Handshake > 74.125.204.26:465
SENT (6.0163s) Starting TCP Handshake > 74.125.201.26:465
SENT (7.0184s) Starting TCP Handshake > 74.125.28.26:465
SENT (8.0196s) Starting TCP Handshake > 173.194.222.26:465
SENT (9.0217s) Starting TCP Handshake > 74.125.30.27:465

對於 IPv6 使用命令：

$ host -t MX gmail.com | awk '{print $NF}' | xargs -I{} host -t AAAA {} | awk '{print $NF}' | xargs -e nping -c 1 -6 -p 25,465 | grep -P "(SENT)|(RECV)"

引用自：https://serverfault.com/questions/843304