Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: question about host-timeout
From: David Fifield <david () bamsoftware com>
Date: Fri, 18 Feb 2011 13:16:44 -0800

On Wed, Feb 16, 2011 at 10:19:01AM -0600, Tim Rupp wrote:
Hi folks,

I had a question about the host-timeout. I have a firewall which is
rejecting connections, as opposed to dropping silently, and nmap is
timing out the scan.

From what I observe, it seems to me even if nmap is receiving
rejections, it will still time out the host. Is that the case? Or am I
reading that wrong.

I guess I figured that if nmap was still receiving _something_ from the
host, that it would not time it out. Where as if it was receiving
nothing from the host, due to dropped packets, that it would then time
the host out.

The host timeout is an absolute limit on the amount of time that will be
spent on a host, not a limit on how long to wait without a response. If
the timeout is too short, the host will be skipped regardless if it's
receiving replies.

One of the purposes of having a host timeout is to avoid spending too
much time in the face of RST rate-limiting and the like, which otherwise
can slow down a scan a lot.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault