Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: nmap performance -> timeout issue

Re: nmap performance -> timeout issue

From: MadHat <madhat_at_unspecific.com>
Date: Wed, 13 Apr 2005 14:49:01 -0500

On Apr 13, 2005, at 2:22 PM, Maarten Hartsuijker wrote:
>> One point missing... version of nmap? I ran into a problem with some
> Latest version (3.81). Tried the RPM as well as a custom compiled
> version: same issues. I just tried setting max_scan_delay to 0. Nmap
> now no longer mentions the need for increasing the send delay, but
> nevertheless, the problems remain.
>
>> I also found that nmap would stall some times on a single host, which
>> is why I originally wrote my nmap wrapper to run X number of nmap
>> processes in parallel. I think at last count I was scanning more
>> than 180K IPs in less than 16 hours, but I had ICMP enabled for all
>> my hosts to/from my monitoring host.
> I know nmap will probably be able to do better timing if ICMP is
> enabled, but I prefer the the audit machine not to have any special
> privileges when performing scans.

Well, technically ICMP is open to the world on those hosts... so it
wasn't special.

> I could run more processes in parallel, by wrapping up some threads
> from a script, but I think the min_hostgroup option I'm using should
> achieve more or less the same. Although an improvement of this option
> might be to have it start new hosts after the first one is finished.
> Currently I'm scanning 52 hosts simultaniously. 45 hosts that have no
> open ports perform as they should and finish within the hour. 7 hosts
> with open ports take about 9,5 hour to complete. It would be nice if
> it were possible to instruct nmap to start scanning host 53 as soon as
> the first one is finished, in stead of waiting for all 52 to complete.
> But this just as a side note. I am really curious why some of the
> hosts take >9 hours to complete, even though I set all the possible
> timeout parameters....

My wrapper keeps X number of processes running, so as one finishes, it
launches another.

My nmap tools are here...
http://www.unspecific.com/.go/nmap/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Received on Apr 13 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos