The attached patch (/nmap-exp/kris SVN r4456) changes the max protocol
count (with -sO) when deciding when to ignore certain states. The SVN log:
------------------------------------------------------------------------
r4456 | kris | 2007-02-02 21:42:40 -0600 (Fri, 02 Feb 2007) | 1 line
Change max protocol count when ignoring states. The IPProto Scan wasn't
taken into account when figuring out how many ports/protocols should be
in a given state before ignoring them. For me in most cases, -d caused
every protocol to be listed because most are open|filtered and the -d
set the maximum to a value a lot larger than 255. Now for the same
hosts, it takes -d3 for all of them. This is a value that seems good for
me for most hosts, but I'm going to mail -dev to see if they can do better.
------------------------------------------------------------------------
So if you can test this out, that'd be great. And if you think you have
a better value to put in there, that's even better :)
Thanks,
Kris Katterjohn
Index: portlist.cc
===================================================================
--- portlist.cc (revision 4455)
+++ portlist.cc (revision 4456)
@@ -694,8 +694,12 @@
int max_per_state = 25; // Ignore states with more ports than this
/* We will show more ports when verbosity is requested */
- if (o.verbose || o.debugging)
- max_per_state *= (o.verbose + 20 * o.debugging);
+ if (o.verbose || o.debugging) {
+ if (o.ipprotscan)
+ max_per_state *= (o.verbose + 3 * o.debugging);
+ else
+ max_per_state *= (o.verbose + 20 * o.debugging);
+ }
if (getStateCounts(state) > max_per_state)
return true;
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Feb 02 2007
Intro
