On Wed, Feb 16, 2011 at 10:19:01AM -0600, Tim Rupp wrote:
I had a question about the host-timeout. I have a firewall which is
rejecting connections, as opposed to dropping silently, and nmap is
timing out the scan.
From what I observe, it seems to me even if nmap is receiving
rejections, it will still time out the host. Is that the case? Or am I
reading that wrong.
I guess I figured that if nmap was still receiving _something_ from the
host, that it would not time it out. Where as if it was receiving
nothing from the host, due to dropped packets, that it would then time
the host out.
The host timeout is an absolute limit on the amount of time that will be
spent on a host, not a limit on how long to wait without a response. If
the timeout is too short, the host will be skipped regardless if it's
One of the purposes of having a host timeout is to avoid spending too
much time in the face of RST rate-limiting and the like, which otherwise
can slow down a scan a lot.