|
Nmap Development
mailing list archives
Re: Why does nmap send multiple probes to the same port?
From: Andreas Ericsson <ae () op5 se>
Date: Thu, 12 Jan 2006 01:56:04 +0100
chok () chokmah org wrote:
I am having trouble with nmap sending multiple probes to
the same port to the same target. Because of this, a scan
of all ports takes many days instead of an hour or two. I
am using nmap version 3.81 on debian 3.1 (sarge).
Here is what the scan looks like:
# nmap -sT -P0 -p 1-65535 --packet_trace 192.0.2.1
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at
2006-01-06 09:47 CST
CONN (0.3610s) TCP localhost > 192.0.2.1:21 => Operation
now in progress
It doesn't. EINPROGRESS (the macro for the error-code being returned) is
returned, but that doesn't mean nmap is sending the packet. Here's what
the connect(2) man-page has to say about it;
---8<---8<---8<---8<---
The socket is non-blocking and the connection cannot be
completed immediately. It is possible to select(2) or poll(2) for
completion by selecting the socket for writing. After select
indicates writability, use getsockopt(2) to read the SO_ERROR
option at level SOL_SOCKET to determine whether connect
completed successfully (SO_ERROR is zero) or unsuccessfully
(SO_ERROR is one of the usual error codes listed here, explaining the
reason for the failure).
-----------------------
--
Andreas Ericsson andreas.ericsson () op5 se
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
 By Date 
By Thread
Current thread:
| 
Intro
