Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: question about host-timeout
From: Tim Rupp <tarupp () fnal gov>
Date: Fri, 18 Feb 2011 15:32:39 -0600

On 02/18/2011 03:16 PM, David Fifield wrote:
On Wed, Feb 16, 2011 at 10:19:01AM -0600, Tim Rupp wrote:
Hi folks,

I had a question about the host-timeout. I have a firewall which is
rejecting connections, as opposed to dropping silently, and nmap is
timing out the scan.

From what I observe, it seems to me even if nmap is receiving
rejections, it will still time out the host. Is that the case? Or am I
reading that wrong.

I guess I figured that if nmap was still receiving _something_ from the
host, that it would not time it out. Where as if it was receiving
nothing from the host, due to dropped packets, that it would then time
the host out.

The host timeout is an absolute limit on the amount of time that will be
spent on a host, not a limit on how long to wait without a response. If
the timeout is too short, the host will be skipped regardless if it's
receiving replies.

One of the purposes of having a host timeout is to avoid spending too
much time in the face of RST rate-limiting and the like, which otherwise
can slow down a scan a lot.

David Fifield

Thanks for the clarification David.

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]