Security Basics mailing list archives
Re: nmap udp scan takes too long
From: Fyodor <fyodor () insecure org>
Date: Wed, 11 Jul 2012 19:06:57 -0700
On Thu, Jul 05, 2012 at 08:55:02AM +0200, pentester wrote:
I agree that nmap is a cool tool. It just ain't the right tool to do a udp scan. The reason is that it waits for a response, if no response, then it retries a couple of times. There is no need to.
Retransmissions are important for reliable results, because packet loss and response rate limiting are regular occurrences on networks. But if you really want Nmap to disable retransmissions, specify "--max-retries 0".
Another scanner solves this issue. unicornscan typically scans al 64k ports in 3 minutes and 45 seconds when you use a scan rate of 300 packets per seconds
300 packets per second won't help if the target host rate limits ICMP port unreachable responses to one per second. That is very common on Linux and other systems. So 299 of your 300 packets per second are wasted and--even worse--lead to inaccurate results. Unicornscan won't catch this because, as you note, it doesn't do any sort retransmissions or congestion control. But if that is what you really want, Nmap lets you do it too. Specify "--min-rate 300" for 300 packets per second. Nmap's performance options are all documented at: http://nmap.org/book/man-performance.html I'm also happy to report that we released Nmap 6 in May, with hundreds of improvements as described at: http://nmap.org/6
unicornscan beats nmap as it comes to udp scanning. It's just a matter of using the right tools for the job.
Suit yourself. Their latest was in 2007 and you can download it from http://www.unicornscan.org/ Cheers, Fyodor ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: nmap udp scan takes too long anonymous (Jul 04)
- Re: nmap udp scan takes too long pentester (Jul 05)
- Re: nmap udp scan takes too long Armando Quintananieves (Jul 05)
- Re: nmap udp scan takes too long Fyodor (Jul 16)
- Re: nmap udp scan takes too long pentester (Jul 16)
- Re: nmap udp scan takes too long pentester (Jul 05)