Nmap Development mailing list archives
nmap scan too slow and -n option
From: micro dev <microdev1 () yahoo com>
Date: Mon, 13 Sep 2004 18:42:09 -0700 (PDT)
Hi, NMAP scans for few subnets were taking lot of time to come back. Earlier, one class C subnet used to take 6 minutes on an average. But when I started scanning subnets in one location, scans took more than 15 minutes. I noticed that NMAP is not able to resolve hostname of IP addresses in the range. So I attributed the problem to DNS resolution rather than anything else in the network. So I tried scan with -n option and ran NMAP for few IP addresses. But to my surprise, scan with -n option is taking more than without it. What can be the reason behind this ? Also what can make scan go slower apart from DNS resolution ? I also see this warning for most of the IP addresses in the subnet. "Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port" Here's output from NMAP scans- first without -n option and second with -n option. # nmap 3.30 scan initiated Tue Sep 13 01:41:20 2004 as: nmap -sS -O -oN nmap56a.txt 192.168.80.156 Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port Insufficient responses for TCP sequencing (1), OS detection may be less accurate Interesting ports on 192.168.80.156: (The 1637 ports scanned but not shown below are in state: filtered) Port State Service 7/tcp open echo 9/tcp open discard 13/tcp open daytime 19/tcp open chargen 23/tcp open telnet 79/tcp open finger 80/tcp open http Device type: router|switch Running: Cisco IOS 11.X OS details: Cisco switch/router with IOS 11.1(7)-11.2(8.10) # Nmap run completed at Tue Sep 13 01:43:37 2004 -- 1 IP address (1 host up) scanned in 137.047 seconds # nmap 3.30 scan initiated Tue Sep 13 01:45:15 2004 as: nmap -sS -O -n -oN nmap56b.txt 192.168.80.156 Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port Insufficient responses for TCP sequencing (1), OS detection may be less accurate Interesting ports on 192.168.80.156: (The 1637 ports scanned but not shown below are in state: filtered) Port State Service 7/tcp open echo 9/tcp open discard 13/tcp open daytime 19/tcp open chargen 23/tcp open telnet 79/tcp open finger 80/tcp open http Device type: router|switch Running: Cisco IOS 11.X OS details: Cisco switch/router with IOS 11.1(7)-11.2(8.10) # Nmap run completed at Tue Sep 13 01:48:39 2004 -- 1 IP address (1 host up) scanned in 204.438 seconds __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Current thread:
- nmap scan too slow and -n option micro dev (Sep 13)
- Re: nmap scan too slow and -n option Bo Cato (Sep 13)
- Re: nmap scan too slow and -n option micro dev (Sep 13)
- Re: nmap scan too slow and -n option Fyodor (Sep 13)
- Re: nmap scan too slow and -n option micro dev (Sep 13)
- Re: nmap scan too slow and -n option Bo Cato (Sep 13)