Home page logo

Nmap Announce mailing list archives

Re: Safe scanning
From: "Alek O. Komarnitsky" <alek () ast lmco com>
Date: Tue, 21 Mar 2000 18:49:08 -0700 (MST)

I kinda started this thread when I mentioned that it appeared I knocked down 
a couple of machines w/nmap. I posted a summary of my findings a few days ago,
but in a nutshell, I applied a patch, turned off a few services in inetd,
and changed my nmap options FROM/TO:
   FROM:  -p "list-of-ports" --initial_rtt_timeout 300 --host_timeout 5000
   TO:    -p "list of ports" --initial_rtt_timeout 500 --host_timeout 15000 -sT
Note that I'm doing this because I prefer my web interface to return
the results PDQ which is more important to me than total completeness.

My guess would be some half-open connections were left open because of
the agressive timeouts and that confused a few machines. There were a
few people that wrote to me saying nmap had clobbered a few "weak" IP
stacks - one person said they had to buy lots of beer to make up for it!   ;-)

I'm in no way "disparaging" nmap (GREAT tool!) ... just letting folks
know my experiences. Since I've done the things above, I've hammered the
crap out of a few dozen Solaris & HP-UX hosts and have had no problems.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]