Nmap Announce mailing list archives
Nmap 3.10 statistics patch
From: "Ossian Vitek" <ian.Vitek () ixsecurity com>
Date: Tue, 26 Nov 2002 10:14:40 +0100
The scan can go on for a while if you are scanning firewalled hosts. There are nmap switches to increase ports per second, but how much? I have added a switch that prints two lines of statistics. The new -c switch guesses how long the scan will take.

Output example:

    Starting nmap V. 3.10ALPHA3 ( www.insecure.org/nmap/ )
    Tried: 192 (150 resends)
    P/S: 12.00 ETS: 9

The -c switch shows how many ports have been tested, resends, ports per second and the estimated remaining time of the scan.

The patch works on nmap-3.10ALPHA3 and nmap-3.10ALPHA4. It will probably work on other nmap-3.10 releases.

Patch with:

    tar -xvzf nmap-3.X.tgz
    cd nmap-3.X
    patch -p1 < PATH_TO/nmap-3.10ALPHA4_statistics-1.diff

nmap-3.10ALPHA4_statistics-1.diff is an nmap hack. It is not an official nmap patch. Feel free to forward it if you like it.

//Ian Vitek, iXsecurity
ian.vitek () ixsecurity com

nmap-3.10ALPHA4_statistics-1.diff
------------------------ cut --------------------------
diff -r -u nmap-3.10ALPHA3/NmapOps.h nmap-3.10ALPHA3IX/NmapOps.h --- nmap-3.10ALPHA3/NmapOps.h 2002-09-16 04:54:43.000000000 +0200 +++ nmap-3.10ALPHA3IX/NmapOps.h 2002-11-10 11:24:26.000000000 +0100 @@ -80,6 +80,7 @@ // setPacketTrace(false) has been called void setPacketTrace(bool pt) { pTrace = pt; } int verbose; + int count; int randomize_hosts; int spoofsource; /* -S used */ char device[64]; diff -r -u nmap-3.10ALPHA3/nmap.cc nmap-3.10ALPHA3IX/nmap.cc --- nmap-3.10ALPHA3/nmap.cc 2002-09-16 05:00:21.000000000 +0200 +++ nmap-3.10ALPHA3IX/nmap.cc 2002-11-10 10:07:53.000000000 +0100 @@ -172,6 +172,7 @@ { {"version", no_argument, 0, 'V'}, {"verbose", no_argument, 0, 'v'}, + {"count", no_argument, 0, 'c'}, {"debug", optional_argument, 0, 'd'}, {"help", no_argument, 0, 'h'}, {"max_parallelism", required_argument, 0, 'M'}, @@ -571,6 +572,7 @@ exit(0); break; case 'v': o.verbose++; break; + case 'c': o.count=1; break; } } 
@@ -1208,6 +1210,7 @@ " -p <range> ports to scan. Example range: '1-1024,1080,6666,31337'\n" " -F Only scans ports listed in nmap-services\n" " -v Verbose. Its use is recommended. Use twice for greater effect.\n" + " -c Counting stats\n" " -P0 Don't ping hosts (needed to scan www.microsoft.com and others)\n" "* -Ddecoy_host1,decoy2[,...] Hide scan using many decoys\n" " -6 scans via IPv6 rather than IPv4\n" diff -r -u nmap-3.10ALPHA3/scan_engine.cc nmap-3.10ALPHA3IX/scan_engine.cc --- nmap-3.10ALPHA3/scan_engine.cc 2002-09-16 06:39:58.000000000 +0200 +++ nmap-3.10ALPHA3IX/scan_engine.cc 2002-11-10 15:31:11.000000000 +0100 @@ -536,6 +536,8 @@ struct scanstats ss; int rawsd = -1; int scanflags = 0; + int itimes = 0; + int iresends = 0; int victim; int senddelay = 0; pcap_t *pd = NULL; @@ -545,6 +547,7 @@ int res; int connecterror = 0; int starttime; + int lastcheckedtime; struct sockaddr_storage sock; struct sockaddr_in *sin = (struct sockaddr_in *) &sock; #if HAVE_IPV6 @@ -700,6 +703,7 @@ } starttime = time(NULL); + lastcheckedtime = 0; if (scantype != SYN_SCAN) ack_number = get_random_uint(); @@ -912,6 +916,15 @@ current->state = PORT_TESTING; current->trynum = 0; /* if (!testinglist) testinglist = current; */ + if (o.count) { + itimes++; + if ( time(NULL) != lastcheckedtime ) { + lastcheckedtime = time(NULL); + log_write(LOG_STDOUT, "Tried: %5d (%d resends) \nP/S: %8.2f ETS: %7.0f \e[28D\e[A", itimes , iresends , (double) ( itimes ) / ( 1 + lastcheckedtime - starttime ) , (double) ( numports - itimes + iresends ) / ( (double) itimes / ( 1 + lastcheckedtime - starttime ) ) ); + log_flush(LOG_STDOUT); + } + } + ss.numqueries_outstanding++; gettimeofday(¤t->sent[0], NULL); if ((scantype == SYN_SCAN) || (scantype == WINDOW_SCAN) || 
@@ -1049,6 +1062,7 @@ current->state = PORT_FRESH; current->trynum = 0; current->sd[0] = current->sd[1] = current->sd[2] = -1; + iresends++; if (o.debugging) { log_write(LOG_STDOUT, "Preparing for retry, nonresponsive port %lu noted\n", current->portno); } @@ -1245,6 +1259,9 @@ int tries = 0; int tmp = 0; int starttime; + int lastcheckedtime; + int itimes = 0; + int iresends = 0; u16 newport; int newstate = 999; /* This ought to break something if used illegally */ struct portinfo *scan, *openlist, *current, *testinglist, *next; @@ -1334,6 +1351,7 @@ fatal("Unknown scan type for super_scan"); } starttime = time(NULL); + lastcheckedtime = 0; if (o.debugging || o.verbose) log_write(LOG_STDOUT, "Initiating %s against %s\n", scantype2str(scantype), target->NameIP(hostname, sizeof(hostname))); @@ -1416,6 +1434,14 @@ /* lets send a packet! */ current->state = PORT_TESTING; /* if (!testinglist) testinglist = current; */ + if (o.count) { + itimes++; + if ( time(NULL) != lastcheckedtime ) { + lastcheckedtime = time(NULL); + log_write(LOG_STDOUT, "Tried: %5d (%d resends) \nP/S: %8.2f ETS: %7.0f \e[28D\e[A", itimes , iresends , (double) itimes / ( 1 + lastcheckedtime - starttime ) , (double) ( numports - itimes + iresends ) / ( (double) ( itimes + iresends ) / ( 1 + lastcheckedtime - starttime ) ) ); + log_flush(LOG_STDOUT); + } + } numqueries_outstanding++; gettimeofday(¤t->sent[0], NULL); if (o.fragscan) @@ -1637,6 +1663,7 @@ for(current = openlist; current; current = (current->next >= 0)? &scan[current->next] : NULL) { current->state = PORT_FRESH; current->trynum = 0; + iresends++; if (o.debugging) { log_write(LOG_STDOUT, "Preparing for retry, open port %lu noted\n", current->portno); } ------------------------ cut -------------------------- -------------------------------------------------- For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
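Review bot: in the NmapOps.h hunk, `int count;` is added next to `int verbose;` but no hunk in this patch gives it a starting value, so the `if (o.count)` tests in scan_engine.cc rely on it happening to be zero. Set it to 0 wherever the other option defaults are assigned. Since `case 'c': o.count=1;` only ever uses it as a flag, a bool would state the intent better.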
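Review bot: the usage line added in the nmap.cc hunk at -1208, `-c Counting stats`, does not tell the user what is printed or how often. A description that names the four fields shown by the format string in scan_engine.cc (ports tried, resends, ports per second, estimated time remaining) would be more useful, and the `--count` long form registered in the -172 hunk is not documented anywhere in the patch.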
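Review bot: in the scan_engine.cc hunk at -912, the format string ends in `\e[28D\e[A`, and `\e` is a compiler extension rather than standard C; write `\033` instead. The cursor-movement sequence is also written to LOG_STDOUT whenever -c is set, so output redirected to a file or pipe will contain raw escape bytes; guard the block with an isatty() check on stdout, or fall back to plain newline-terminated lines when stdout is not a terminal. `time(NULL)` is also called twice per update; read it once into a local and compare that value against `lastcheckedtime`.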
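Review bot: in the scan_engine.cc hunk at -1416, the ETS divisor is `(double) ( itimes + iresends ) / ( 1 + lastcheckedtime - starttime )`, while P/S on the same line uses `itimes` alone and the otherwise identical block in the -912 hunk also divides by `itimes` alone. The two scan loops therefore estimate remaining time from different rates; pick one definition and move the calculation and the log_write() call into a shared helper so both loops report the same figures and the duplicated block cannot drift again.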