Nmap Development mailing list archives
Re: Nmap probes per port
From: Paul Johnston <paul () westpoint ltd uk>
Date: Fri, 19 Mar 2004 10:29:20 +0000
Hi,I guess you're using a connect() scan? The large number of retries occurs because the kernel retries sending the SYN several times for each connect, while nmap also retries calling connect. Using SYN scan will reduce the number of retries to 6, which I believe is around the right number. However I've found the timing of SYN and connect scan to be almost identical. You may want to consider using a fixed rate port scanner, such as scanrand.
Paul
Nmap-3.50 sends approx 16 TCP SYNs for a filtered port. My aim is to reduce the time taken to do a full port scan and by sending less probes per port be slightly more stealthy. Ideally I'd like one probe per port sent, I know this may affect the reliability of the results.
-- Paul Johnston Internet Security Specialist Westpoint Limited Albion Wharf, 19 Albion Street, Manchester, M1 5LN England Tel: +44 (0)161 237 1028 Fax: +44 (0)161 237 1031 email: paul () westpoint ltd uk web: www.westpoint.ltd.uk ---------------------------------------------------------------------For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- Nmap probes per port Tirath Rai (Mar 18)
- Re: Nmap probes per port MadHat (Mar 18)
- Re: Nmap probes per port Paul Johnston (Mar 19)