Security Basics mailing list archives

Re: how to find out a list of available ftp servers on LAN


From: Turbo <sandeep_kr () students iiit net>
Date: Sat, 5 May 2007 22:27:16 +0530 (IST)

I wonder why the results are not the same for both of us. On my network :-
$ time nmap -n -P0 -sT -p 21 -oG out  --max-retries 0 -iL IPs.txt
...
...
Nmap finished: 8960 IP addresses (8960 hosts up) scanned in 264.766 seconds

real    4m24.861s
user    4m8.116s
sys     0m2.164s

$ time ./NetworkScanner 21 255 IPs.txt
...
...
real    1m42.182s
user    0m0.264s
sys     0m2.284s

The reason seems to be the no. of addresses to scan. Here I am trying to scan 8960 addresses. For 256 addresses here are the results (which are similar to yours):-
$ time nmap -n -P0 -sT -p 21 -oG out  --max-retries 0 -iL IPs.txt
...
...
Nmap finished: 256 IP addresses (256 hosts up) scanned in 0.976 seconds

real    0m0.984s
user    0m0.112s
sys     0m0.036s

$ time ./a.out 21 255 IPs.txt
...
...
real    0m3.155s
user    0m0.008s
sys     0m0.136s

I did all my fine-tuning using 8960 IPs, and I found nmap was slower. But this example makes me believe that I can still fine-tune nmap better. I will try and update you.
Thanks.

On Sat, 5 May 2007, Pranay Kanwar wrote:

Hi,

Looking at your problem nmap can do it faster :)
( kindly ignore the ip class :) )

%time ./propecia 172.31.1 21
172.31.1.11
172.31.1.15
172.31.1.24
172.31.1.41
172.31.1.60

real    0m1.029s
user    0m0.000s
sys     0m0.008s

%time nmap -n -P0 -sT -p 21 -oG out  --max-retries 0 172.31.1.0/24 &>/dev/null ; grep open out

real    0m0.916s
user    0m0.036s
sys     0m0.037s
Host: 172.31.1.11 ()    Ports: 21/open/tcp//ftp///
Host: 172.31.1.15 ()    Ports: 21/open/tcp//ftp///
Host: 172.31.1.24 ()    Ports: 21/open/tcp//ftp///
Host: 172.31.1.41 ()    Ports: 21/open/tcp//ftp///
Host: 172.31.1.60 ()    Ports: 21/open/tcp//ftp///

The option -P0 does not ping hosts before scanning, -n means no reverse DNS
resolution, max retries 0; all these options make nmap sort of
*similar* to propecia.

Note: nothing beats nmap :D.

Regards,

warl0ck // MSG
http://www.metaeye.org


--
I do know everything, just not all at once. It's a virtual memory problem.
Home Page : http://students.iiit.ac.in/~sandeep_kr
Blog : http://sandy007smarty.blogspot.com
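Both posters end up grepping nmap's greppable (-oG) output by hand for "open". The parser below is an added example, not code from either poster or from the nmap project; it reads the -oG "Host:" lines (the `Ports:` field holds comma-separated `port/state/proto/owner/service/rpc/version` entries, with an optional tab-separated `Ignored State:` suffix) and produces the inventory the thread is after: which LAN hosts actually answer on 21/tcp, plus a per-state count so filtered and closed hosts are not silently lost the way a bare `grep open` loses them. The sample output, the filename `out` and the function names are constructed for this example.

```python
import ipaddress
import re
import sys
from typing import Dict, List

# Constructed sample of nmap -oG output, modelled on the lines quoted in the thread
# (the 172.31.1.x hosts are the ones Pranay listed; the closed/filtered hosts and the
# extra ssh entry are added here to exercise the parser).
SAMPLE_OG = (
    "# Nmap scan initiated (constructed sample) as: nmap -n -P0 -sT -p 21 -oG out --max-retries 0 172.31.1.0/24\n"
    "Host: 172.31.1.11 ()\tPorts: 21/open/tcp//ftp///\n"
    "Host: 172.31.1.12 ()\tPorts: 21/closed/tcp//ftp///\n"
    "Host: 172.31.1.15 ()\tPorts: 21/open/tcp//ftp///\tIgnored State: closed (0)\n"
    "Host: 172.31.1.24 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///\n"
    "Host: 172.31.1.41 ()\tPorts: 21/open/tcp//ftp///\n"
    "Host: 172.31.1.60 ()\tPorts: 21/open/tcp//ftp///\n"
    "Host: 172.31.1.77 ()\tPorts: 21/filtered/tcp//ftp///\n"
    "# Nmap done (constructed sample)\n"
)

# "Host: <ip> (<hostname>)   Ports: <entries>[<tab>Ignored State: ...]"
HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Ports:\s+(.*)$")


def parse_grepable(text: str) -> Dict[str, List[dict]]:
    """Return {ip: [ {port, state, proto, service}, ... ]} for every Host line with a Ports field."""
    hosts: Dict[str, List[dict]] = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and "Status: Up"-only host lines carry no port data
        ip, _hostname, rest = m.groups()
        ports_field = rest.split("\t")[0]  # drop the optional "Ignored State:" suffix
        entries = []
        for item in ports_field.split(","):
            fields = item.strip().split("/")
            if len(fields) < 5 or not fields[0].isdigit():
                continue  # malformed entry; skip rather than abort the whole file
            entries.append({
                "port": int(fields[0]),
                "state": fields[1],
                "proto": fields[2],
                "service": fields[4],
            })
        hosts[ip] = entries
    return hosts


def hosts_with_open_port(hosts: Dict[str, List[dict]], port: int, proto: str = "tcp") -> List[str]:
    """IPs (numerically sorted) on which the given port is reported open."""
    matches = [
        ip for ip, entries in hosts.items()
        if any(e["port"] == port and e["proto"] == proto and e["state"] == "open" for e in entries)
    ]
    return sorted(matches, key=ipaddress.ip_address)


def summarize_states(hosts: Dict[str, List[dict]], port: int, proto: str = "tcp") -> Dict[str, int]:
    """Count hosts per nmap state (open/closed/filtered/...) for one port, so nothing is hidden."""
    counts: Dict[str, int] = {}
    for entries in hosts.values():
        for e in entries:
            if e["port"] == port and e["proto"] == proto:
                counts[e["state"]] = counts.get(e["state"], 0) + 1
    return counts


if __name__ == "__main__":
    # Usage: python ftp_inventory.py out   (reads the -oG file; falls back to the sample)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_OG
    parsed = parse_grepable(text)
    print("Hosts with 21/tcp open:")
    for ip in hosts_with_open_port(parsed, 21):
        print(" ", ip)
    print("State summary for 21/tcp:", summarize_states(parsed, 21))
```

Run it against the `out` file nmap writes (`nmap ... -oG out`, as in the thread) instead of `grep open out`; the state summary is the part worth keeping for a LAN audit, since a jump in "filtered" usually means a firewall or host change rather than a missing FTP server.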

