mailing list archives
Re: nmap performance -> timeout issue
From: MadHat <madhat () unspecific com>
Date: Wed, 13 Apr 2005 14:49:01 -0500
On Apr 13, 2005, at 2:22 PM, Maarten Hartsuijker wrote:
One point missing... version of nmap? I ran into a problem with some
Latest version (3.81). Tried the RPM as well as a custom compiled
version: same issues. I just tried setting max_scan_delay to 0. Nmap
now no longer mentions the need for increasing the send delay, but
nevertheless, the problems remain.
I also found that nmap would stall some times on a single host, which
is why I originally wrote my nmap wrapper to run X number of nmap
processes in parallel. I think at last count I was scanning more
than 180K IPs in less than 16 hours, but I had ICMP enabled for all
my hosts to/from my monitoring host.
I know nmap will probably be able to do better timing if ICMP is
enabled, but I prefer the the audit machine not to have any special
privileges when performing scans.
Well, technically ICMP is open to the world on those hosts... so it
I could run more processes in parallel, by wrapping up some threads
from a script, but I think the min_hostgroup option I'm using should
achieve more or less the same. Although an improvement of this option
might be to have it start new hosts after the first one is finished.
Currently I'm scanning 52 hosts simultaniously. 45 hosts that have no
open ports perform as they should and finish within the hour. 7 hosts
with open ports take about 9,5 hour to complete. It would be nice if
it were possible to instruct nmap to start scanning host 53 as soon as
the first one is finished, in stead of waiting for all 52 to complete.
But this just as a side note. I am really curious why some of the
hosts take >9 hours to complete, even though I set all the possible
My wrapper keeps X number of processes running, so as one finishes, it
My nmap tools are here...
Sent through the nmap-dev mailing list