Re: scan-delay enforces serialization - why?

[Fyodor <fyodor () insecure org>]

On Mon, Jan 21, 2008 at 02:31:26PM +0100, Martin Mačok wrote:
> Hi,
> in some scenarios, it makes sense to define scan-delay but allow
> parallelization of probes (actually, when Nmap eases off due to lost
> packets, it does so automagically), but it is currently not possible
> to explicitely set this on cmdline:

When Nmap eases off due to lost packets, it is still supposed to
enforce the scan delay before a retransmission.  If it is not doing
so, that is a bug.

Hi Martin.  The point of --scan-delay is to slow the scan down for
cases such as hosts which rate limit responses to one ICMP port
unreachable per second.  It can also be useful for crappy target
machines which just can't handle a high speed port scan.  Though Nmap
tries to set a scan-delay when needed anyway.

A different desire is to tell Nmap to send fixed rate packets to
_speed things up_.  In that case, Nmap would basically ignore all of
its timing controls and send at the given fixed rate.  This simple
method is how port scanners such as ScanRand and UnicornScan work, and
I'd like Nmap to have such an option too.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org