Re: nmap scanning techniques and execution privileges
From: Guillaume Rousse <guillomovitch () gmail com>
Date: Thu, 22 Dec 2011 11:32:23 +0100
On 21/12/2011 19:57, Brahim Sakka wrote:
So how does nmap, when run as user without raw socket privileges, manage
to scan the same IP range in reasonable time, despite being unable to
optimize its run by using ICMP probes? That's the curious part here.
So, how does the first nmap command, run as standard user without ICMP
optimisation, complete in just one hour, while the same command run as
root is more than 10 times slower?
You said it. The "enhanced" version of the command will scan every
single host, while the first/second one only scanned those hosts that
replied to ICMP requests. You do the math :-)
Well, I don't need to visualize them myself, I need to produce
consolidated outputs for others to visualize them.
Also, if I can't have a magic set of options to discover all the running
servers in a single run, is there any way to merge results from two
different scans?
Try importing both results in Zenmap.
BOFH excuse #365:
parallel processors running perpendicular today
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
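For the question above about merging two scans into one consolidated output, here is an added example (not part of the original thread, and not Nmap or Zenmap code) that unions the open ports from two reports. It assumes both scans were saved with `-oX`; the sample XML, the addresses and the labels `ping` and `no_ping` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample reports in Nmap's -oX (XML) format, not data from the thread.
PING_SCAN = """<nmaprun><host><status state="up"/>
  <address addr="192.0.2.10" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
  <port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
</ports></host></nmaprun>"""
NO_PING_SCAN = """<nmaprun><host><status state="up"/>
  <address addr="192.0.2.10" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
  <port protocol="tcp" portid="443"><state state="open"/></port>
</ports></host><host><status state="up"/>
  <address addr="192.0.2.20" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
</ports></host><host><status state="down"/>
  <address addr="192.0.2.30" addrtype="ipv4"/></host></nmaprun>"""

def open_ports(xml_text):
    """Return {ip: {(proto, port): service}} for hosts reported as up."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        if host.find("status[@state='up']") is None:
            continue
        # A host element may also carry a MAC address; key on the IP address.
        ips = [a.get("addr") for a in host.findall("address")
               if a.get("addrtype") in ("ipv4", "ipv6")]
        if not ips:
            continue
        ports = hosts.setdefault(ips[0], {})
        for port in host.iterfind("ports/port"):
            if port.find("state[@state='open']") is None:
                continue
            svc = port.find("service")
            key = (port.get("protocol"), int(port.get("portid")))
            ports[key] = svc.get("name", "") if svc is not None else ""
    return hosts

def merge(reports):
    """Union of open ports per host, recording which report saw each one."""
    merged = {}
    for label, xml_text in reports.items():
        for ip, ports in open_ports(xml_text).items():
            host = merged.setdefault(ip, {})
            for key, service in ports.items():
                entry = host.setdefault(key, {"service": service, "seen_in": []})
                entry["seen_in"].append(label)
    return merged
```

Hosts that only appear in the scan run without host discovery end up with a single label in `seen_in`, which marks the machines that did not answer the ICMP probes.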