Nmap Development mailing list archives

RE: C++ Development


From: Fyodor <fyodor () insecure org>
Date: Sat, 9 Sep 2000 22:07:22 -0700 (PDT)

On Sat, 9 Sep 2000, Jay Freeman (saurik) wrote:

<important>
I would be much happier making the scan last longer, but have 5 more ways of
getting information from the remote host, one of which having the
possibility of telling Nmap: "this scan is going to make you go crazy and
take an hour to complete because this host is purposely blocking this kind
of scan, or is running an OS that doesn't support it, don't waste an hour
sitting there pretending to try it just to return that all the ports are
'open'".  This would go a long way towards speeding up scans than a small
amount of low-level efficiency ever could.  Unfortunately, in its current
state, the chance that Nmap will ever have something like that is minimal.

Wait a minute.  Nmap can do that.  It defaults to a very-conservative slow
scan in some heavily filtered situations (because for all Nmap knows you
could be on a 300 bps link to Kazakhstan).  Nmap cannot speed up until it
gets responses so it can calculate timing & packet loss statistics.  But
you can always specify a different timing policy.  For example, try your
scans with '-T aggressive'.  And if you want, you can even get more
granular.  For example, --host_timeout will avoid Nmap wasting an hour to
scan a single host (your example above).  There are a number of other
variables you can tweak if you want to (see the Timing section of the man
page).

Cheers,
-F


