On Tue, Dec 11, 2007 at 05:10:48PM -0000, Rob Nicholls wrote:
> Following on from my previous email about getting --resume to "work" on
> Windows (i.e. nmap no longer displays the pfatal message)...
>
> Has anyone else been able to get --resume to do anything useful? I've
> tried RC7 (with my change) on Windows and 4.21ALPHA3 on Linux; nmap
> doesn't appear to write anything to the output file until it's finished
> scanning everything, which makes --resume seem a little bit pointless. Is
> there a "special" way I'm supposed to abort the scan? If you try --resume
> against a completed output file, you see something like:
>
> >nmap --resume testresume
> Unable to parse ip (Intel) supposed log file testresume. Sorry
> QUITTING!
>
> I've even tried editing the output file to fool it into thinking it's
> halfway through a scan, but all I get is:
>
> Unable to parse supposed log file testresume_edited. Sorry
> QUITTING!
Nmap scans hosts in big groups and writes output for an entire group all
at once when it is finished. Maybe you're not scanning enough hosts at
once to make --resume useful. The size of a scan group varies with scan
type and number of probes, but it should be about 30. You can try out
smaller scan group sizes with something like --max-hostgroup 4; then you
should get a resumable log file sooner.
David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Dec 13 2007
Intro
