Security Basics mailing list archives
Re: nmap udp scan takes too long
From: anonymous <nighthawk2600 () gmail com>
Date: Wed, 4 Jul 2012 14:16:49 -0700
On 06/29/2012 05:32 AM, pentester wrote:
Reason is that nmap waits for a response, retries, waits etc. Once it decides the port is not responding it continues. There is a little smartness, because nmap tries different ports simultaneously. Another scanner solves this issue. unicornscan typically scans al 64k ports in 3 minutes and 45 seconds when you use a scan rate of 300 packets per seconds To my knowledge, unicornscan is today still the best way to do a udp scan. Possible issue is that it is available in Linux only. I have not seen working versions on Windows or Mac (although I expect in theory it should be possible to get it working on Mac). Cor On Jun 29, 2012, at 9:13 AM, a bv wrote:Hi, Using mosly zenmap , udp scan takes so long mostly . I try to scan all ports 1-65535 but also i do that at tcp scan too at the same port range but tcp scan takes too little time according to udp. I start to udp scan a few local hosts and after a day when i turn to the screen i see that it gives %40.3 etc and not completed yet (not sure if it still continues to scan). What can be the reason and what is the best /efficient way to do a udp scan? Regards ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Well yes ofcourse Nmap UDP scans are going to take some time to scan this is a well known fact. Open and filtered ports rarely send any kind of response which leaves nmap to time-out and the retry transmissions just in case the the probe or scan was lost. Linux in general usually is very strict about sending out ICMP port unreachable messages and usually limits this to 1 ICMP port unreachable message per second which is another big reason why UDP scans take a very long. Also remember that scans like UDP or full scans where you are scanning all 65,000+ ports instead of the default popular 1,000 ports which nmap scans by default should be ran in the background and you can come back to scans later and view or compare your results. There are however a few things you can do to speed up UDP scans with Nmap. 1. Try scanning popular UDP ports first. By using the (-F) option i believe nmap will scan the most popular 100 UDP ports and this tends to finish very quickly. You can do this first then go back to doing a full UDP scan in the background if you need results quickly. 2. Try setting --version-intensity 0 This tells nmap to only try probes that are probably going to be the most effective against the target network. 3. Try using --host-timeout to skip slow responding hosts. There are other things you can do to improve the overall performance of nmap but these are just some quick suggestions to get you started. Again nmap is probably the greatest tool out there, and there are so many things that you can do with it. Most people only use probably 10% of nmap's potential. I would suggest getting the nmap book by fyodor, it is sometimes a difficult read but it is a great book for sure. -nighthawk ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: nmap udp scan takes too long anonymous (Jul 04)
- Re: nmap udp scan takes too long pentester (Jul 05)
- Re: nmap udp scan takes too long Armando Quintananieves (Jul 05)
- Re: nmap udp scan takes too long Fyodor (Jul 16)
- Re: nmap udp scan takes too long pentester (Jul 16)
- Re: nmap udp scan takes too long pentester (Jul 05)