Nmap Development mailing list archives
massping migration and you
From: David Fifield <david () bamsoftware com>
Date: Tue, 28 Aug 2007 23:59:16 -0600
Hi nmap-dev, Recently checked in to /nmap is the result of almost two months of work known as the "massping migration". These changes make Nmap use its port-scanning function ultra_scan for discovering which hosts are up instead of an old special-purpose function called massping. Recall that Nmap usually pings hosts to see if they're up before port scanning them (http://insecure.org/nmap/man/man-host-discovery.html). This step is called host discovery, or ping scan. You can do just a ping scan without scanning any ports by using the -sP option. It is this functionality that these new changes affect. The benefits of this new system are a reduction in duplicated functionality throughout the code, and hopefully faster and more accurate host discovery in many cases. This has been a balancing act. There is some evidence that massping was too optimistic in the rate at which it would sometimes send packets. Therefore, while scan speed was a top priority in this new development, ultra_scan's more cautious congestion control algorithms mean that host discovery will sometimes be slower. Development on the new system has been careful, but so far it hasn't gotten much testing from users. Fyodor tells me that this will be in a release soon. So please download it and try out the new ping scan code. Run your favorite ping scans and report back with success or failure. Did the scans take much longer or shorter than you expected? Were any live hosts missed? Here are some tips for running useful tests. The new code mainly affects host discovery, so the results from -sP scans are the most useful. Normal port scans may be slightly improved, but this is incidental. Using the -n flag to disable name resolution makes it easier to compare results. When you're scanning your LAN, use the --send-ip option to keep from using ARP scan. And please send results from non-root TCP connect ping scans as well. Here are some good scans to run: nmap -n -sP --send-ip 192.168.0.0/24 nmap -n -sP -PS --unprivileged host nmap -n -sP -PS -T4 host/24 nmap -n -sP -PA1 -PS22,80,113 -PE -PM host David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- massping migration and you David Fifield (Aug 28)
- Re: massping migration and you Fyodor (Aug 28)
- Re: massping migration and you Kris Katterjohn (Aug 29)
- Re: massping migration and you Kris Katterjohn (Aug 29)
- Re: massping migration and you David Fifield (Aug 29)
- Re: massping migration and you Kris Katterjohn (Aug 29)
- Re: massping migration and you Brandon Enright (Aug 29)
- Re: massping migration and you Brandon Enright (Aug 29)
- Re: massping migration and you David Fifield (Aug 30)
- Re: massping migration and you Brandon Enright (Aug 30)
- Re: massping migration and you Brandon Enright (Aug 30)