Nmap Development mailing list archives
Re: Nmap & Stateful Firewalls
From: David Fifield <david () bamsoftware com>
Date: Fri, 16 Jan 2009 15:35:42 -0700
On Fri, Jan 16, 2009 at 03:20:49PM -0500, Ron Dembo wrote:
Short story: I was wondering if there's a way to hard limit the connections that a Nmap scan makes so that it won't completely fill a stateful firewall. I've read the Nmap man page and documentation and none of the performance options I see given there will guarantee that Nmap will only open up a max of X number of connections at any given time. I've tried timeouts, delays between packets, etc to no avail. Does anyone have any suggestions?
--max-parallelism should be what you want. That puts an absolute cap on the number of connections that will be open at a time. It defaults to 300, though scans don't necessarily get up that high. --max-rate might help too; that puts a limit on how fast connections are made, without regard to how many are open at once. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap & Stateful Firewalls Ron Dembo (Jan 16)
- Re: Nmap & Stateful Firewalls David Fifield (Jan 16)
- Re: Nmap & Stateful Firewalls Brandon Enright (Jan 16)