Nmap Development mailing list archives
Re: scan-delay enforces serialization - why?
From: Martin Mačok <martin.macok () underground cz>
Date: Tue, 22 Jan 2008 12:06:43 +0100
On Mon, Jan 21, 2008 at 11:37:24AM -0800, Fyodor wrote:
A different desire is to tell Nmap to send fixed rate packets to _speed things up_.
Yes, that was the case, sort of. My colleague needed to set minimal scan delay (to evade IDS/IPS) while allowing parallel probing of ports (latency was higher than the minimal delay he needed to enforce). By using --scan-delay he was forced into one outstanding probe at a time which made searching for "hidden" ports very slow.
In that case, Nmap would basically ignore all of its timing controls and send at the given fixed rate.
No need for to drop it all, just allowing parallelism when --scan-delay is used would be enough for us.
This simple method is how port scanners such as ScanRand and UnicornScan work, and I'd like Nmap to have such an option too.
OK, I have nothing against having this "hardcore" option too ;-) Maybe there should be options like --initial-scan-delay, --min-scan-delay and --fixed-scan-delay to avoid confusion? Also "probe" may be a better buzzword instead of "scan" in this option because it is supposed to be a delay between the "probes" and not between the "scans". Thanks, Martin _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- scan-delay enforces serialization - why? Martin Mačok (Jan 21)
- Re: scan-delay enforces serialization - why? Fyodor (Jan 21)
- Re: scan-delay enforces serialization - why? Martin Mačok (Jan 22)
- Re: scan-delay enforces serialization - why? Fyodor (Jan 21)