Home page logo

nmap-dev logo Nmap Development mailing list archives

SYN-scan and TCP-connect scan time difference .
From: Anton Konvalyuk <w.o.l.f.paradox () mail ru>
Date: Thu, 23 Jan 2014 20:33:08 +0400


I was scanning a large network (/18). I've noticed strange  occasion. When I use 'sudo nmap --open -T4 -F -oX report 
xxx.xxx.xxx.xxx/18', scanning lasts for more than 2 hours. But if I use  'nmap --open -T4 -F -oX report 
xxx.xxx.xxx.xxx/18' it takes approximately 2 minutes. And no big difference when using '-n' option.

Could you tell what the reason is? The only information I've found is http://seclists.org/nmap-dev/2006/q1/370. So why 
is TCP-connect faster than SYN-scan? And why is the difference really big?

Nmap version: 6.00
OS: Debian 6.0 x86_64

Best regards
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]