Re: NMAP performance patch (ICMP Unreachable rate limited)

[Andreas Ericsson <ae () op5 se>]

Alec H. Peterson wrote:
> Greetings,
>
> In April somebody posted a patch that really helps my performance when 
> scanning hosts that are protected by firewalls that give rate limited ICMP 
> destination unreachable messages for firewall violations.  I applied this 
> patch to 3.81, but it makes me wonder why it has not been accepted into the 
> actual distribution.  What are the consequences of using this patch?
>
> For reference, I found the patch at:
>
> <http://xtrmntr.org/ORBman/tmp/nmap/nmap-3.78-defeat_ICMP_ratelimit.patch>

That's one of Martin Méoks' (I'm nearly 100% sure I spelled the last 
name wrong) creations. I believe it was just submitted at a bad time 
when the Fyodor was revamping a lot of other functionality. It's quite 
possible it was just forgotten, but I seem to remember at least one user 
having problems with it not properly detecting some hosts when it's a 
router that does the limiting (as opposed to the final destination of 
the packet).

-- 
Andreas Ericsson                   andreas.ericsson () op5 se
OP5 AB                             www.op5.se
Lead Developer


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev