Increasing the Speed of Nmap Script Scanning

[Alex Holland <ajholland77 () gmail com>]

Hello,

I am working on discovering all hosts that respond to a single port with a
single nmap script. As such I'm working on increasing the speed of script
scanning so that I can perform multiple of these scans in a reasonable time
frame.

Currently I am seeding nmap by using IP's obtained through zmap that
respond to a specified port. I have a list of 1% of these hosts,
approximately 66,000 IP's and I would like this scan to run in about 10
minutes or less in order to be able to scan 100% of IPv4 at a reasonable
rate.

I have been using the following, -n -Pn -p and --script along with Timing
and Performance options:  --min-parallelism=X --min-hostgroup=X
--max-hostgroup=X --scan-delay=X --max-retries=X --min-rate=X
--min-rtt-timeout=X --host-timeout=X --initial-rtt-timeout=X
--max-rtt-timeout=X. I have been trying varying configurations of these
parameters over the past week in an attempt to speed up these scans.
However, no matter the configuration I attempt, nmap does not come close to
using the capabilities of the machine I am using nor respond with an
approximately close number of script successes in a decent amount of time.
The bandwith and ram of the machine I am running are much more than nmap is
currently using. Any advice you have on different parameters or options for
these parameters is much appreciated. Warm Regards, Alex Holland

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/