mailing list archives
From: Justin Azoff <JAzoff () uamail albany edu>
Date: Thu, 02 Apr 2009 09:06:50 -0400
Hi, since upgrading from debian etch nmap to debian lenny nmap (4.11 to
4.62) I noticed that a script that runs a ping scan across our /16
stopped finding 90% of the hosts.
The command ran is simply:
nmap --host_timeout 2000 -n -sP -PE a.b.0.0/16
The highest latency on the network is under 100ms, so 2000 should be
more than high enough to find everything.
I used git bisect against git://git.debian.org/~lamont/nmap.git to track
this down to a commit, and the result was
which corresponds to '4.22SOC6'
The changelog for that says:
+o Included David's major massping migration project. The same
+ underlying engine is now uses for ping scanning as for port
+ scanning. We hope this will lead to better performance and
+ accuracy, as well as helping to de-bloat Nmap. Please test it out
+ and report your results to nmap-dev! For more details, see
the test I ran was:
time sudo nmap --host_timeout 2000 -n -sP -PE a.b.0.0/16 -oG - | grep
'Status: Up' -c
I verified that with the previous rev
(f501df2e2a74f0bc8ce35a9ddc67d6864afddf96) the results are:
with d37f15389455ff474c00223cbf18be4117cedd76 the results are:
so it runs in 1/10th the time, but finds 1/10th the hosts.
I also tested this with nmap-4.85BETA7:
and svn HEAD:
As a workaround I changed the timeout to 30000. That finds the expected
number of hosts, and runs in about 13 minutes.
Tests were ran on linux 2.6.26.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
- massping issue Justin Azoff (Apr 02)