Re: Suspect that --host-timeout is not working in 4.50?
From: jah <jah () zadkiel plus com>
Date: Fri, 14 Dec 2007 22:42:21 +0000

On 14/12/2007 20:52, Randolph Reitz wrote:
> I have installed nmap 4.50 on the scanner farm here at Fermilab and
> I've noticed that some nmap scans are running a long time. For
>
> scanner 5311 31009 0 12:17 ? 00:00:00 /bin/bash ./bin/
> run_nmap.sh --pro -d 1 -sS -p 1-65535 -A 131.225.232.A 131.225.232.B
> root 5319 5311 2 12:17 ? 00:03:10 /usr/local/bin/nmap -
> sS -p 1-65535 -P0 -T4 --osscan-limit --osscan-guess --host-timeout 15m
> -A -oX - 131.225.232.D
> Fri Dec 14 14:47:47 CST 2007
>
> The nmap started at 12:17 and has collected 3 minutes of CPU so far.
> The host_timeout is set for 15 minutes. So far, I've collected
> hundreds of examples of long-running nmap scans. However, I've
> noticed that nmap 4.50 is much faster than 4.2.
>
> Does anyone else have a problem with --host-timeout?

I don't seem to be having any problems with --host-timeout, may I
propose a quick test...

Perform a simple test scan against a couple of hosts with the aim of
finding a host/scan combination that takes at least 2 seconds, but as
short as possible (this is supposed to be a quick test). An example

    nmap -d -sU -p1-5000 <target>

When you have a total scan time that suits, add the lowest permissible

    nmap -d -sU -p1-5000 --host-timeout 1501 <target>

If host-timeout is working properly, you should see something like:

    Completed ARP Ping Scan at 22:35, 0.05s elapsed (1 total hosts)
    <target> timed out during UDP Scan (0 hosts left)
    Completed UDP Scan at 22:35, 1.46s elapsed (1 host timed out)
    Host <target> appears to be up ... good.
    Skipping host <target> due to host timeout

If that's a success, you could start building up the scan parameters
again and hopefully determine what's gone wrong.

Hope that helps a bit,

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
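
A watchdog for the symptom reported in this thread, as an added example that is not part of either message or of nmap: it reads process listings and flags nmap runs whose elapsed time exceeds what their --host-timeout should allow. The function names, the option list, the slack value and the sample lines are assumptions made for the example.

```python
import re
import shlex

# Bare numbers are milliseconds here, matching the 1501 in the test above
# (assumption; newer nmap reads a bare number as seconds: default_unit="s").
UNIT_SECONDS = {"ms": 0.001, "s": 1.0, "m": 60.0, "h": 3600.0}
# Options whose next token is a value, not a target (short, non-exhaustive).
VALUE_OPTS = {"-p", "-oX", "-oN", "-oG", "-oA", "-iL", "--host-timeout"}

def parse_timespec(spec, default_unit="ms"):
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(ms|s|m|h)?", spec)
    if not m:
        raise ValueError(f"bad time value: {spec!r}")
    return float(m.group(1)) * UNIT_SECONDS[m.group(2) or default_unit]

def overdue_scans(ps_lines, slack=60.0, default_unit="ms"):
    """Return (pid, elapsed, budget) for nmap processes past their budget.
    Lines are "PID ELAPSED_SECONDS COMMAND", as from `ps -eo pid=,etimes=,args=`.
    Budget = host-timeout * target arguments + slack: a coarse upper bound,
    since the timeout is per host and each argument is counted as one host."""
    overdue = []
    for line in ps_lines:
        pid, elapsed, args = line.split(None, 2)
        argv = shlex.split(args)
        if not argv[0].endswith("nmap") or "--host-timeout" not in argv[:-1]:
            continue
        timeout = parse_timespec(argv[argv.index("--host-timeout") + 1], default_unit)
        targets, skip = 0, False
        for tok in argv[1:]:
            if skip:
                skip = False          # this token was an option's value
            elif tok in VALUE_OPTS:
                skip = True
            elif not tok.startswith("-"):
                targets += 1
        budget = timeout * max(targets, 1) + slack
        if float(elapsed) > budget:
            overdue.append((int(pid), float(elapsed), budget))
    return overdue

# Constructed sample: the first command line is the one quoted in the thread
# (9047 s is 12:17 to 14:47:47); the other lines and their values are made up.
SAMPLE = [
    "5319 9047 /usr/local/bin/nmap -sS -p 1-65535 -P0 -T4 --osscan-limit "
    "--osscan-guess --host-timeout 15m -A -oX - 131.225.232.D",
    "6001 700 /usr/local/bin/nmap -sS -p 1-1024 --host-timeout 15m -oX - 192.0.2.10",
    "6002 40 /bin/bash ./bin/run_nmap.sh --pro -d 1 -sS",
]
print(overdue_scans(SAMPLE))
```

A flagged process is a candidate for the quick test above, not proof of a bug: time spent outside the per-host clock and targets given as ranges both make the budget approximate.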