Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: nmap performance -> timeout issue

From: MadHat <madhat () unspecific com>
Date: Wed, 13 Apr 2005 14:49:01 -0500
On Apr 13, 2005, at 2:22 PM, Maarten Hartsuijker wrote:

One point missing...  version of nmap?  I ran into a problem with some

Latest version (3.81). Tried the RPM as well as a custom compiled 
version: same issues. I just tried setting max_scan_delay to 0. Nmap 
now no longer mentions the need for increasing the send delay, but 
nevertheless, the problems remain.


I also found that nmap would stall some times on a single host, which 
is why I originally wrote my nmap wrapper to run X number of nmap 
processes in parallel.  I think at last count I was scanning more 
than 180K IPs in less than 16 hours, but I had ICMP enabled for all 
my hosts to/from my monitoring host.

I know nmap will probably be able to do better timing if ICMP is 
enabled, but I prefer the the audit machine not to have any special 
privileges when performing scans.


Well, technically ICMP is open to the world on those hosts... so it 
wasn't special.


 I could run more processes in parallel, by wrapping up some threads 
from a script, but I think the min_hostgroup option I'm using should 
achieve more or less the same. Although an improvement of this option 
might be to have it start new hosts after the first one is finished. 
Currently I'm scanning 52 hosts simultaniously. 45 hosts that have no 
open ports perform as they should and finish within the hour. 7 hosts 
with open ports take about 9,5 hour to complete. It would be nice if 
it were possible to instruct nmap to start scanning host 53 as soon as 
the first one is finished, in stead of waiting for all 52 to complete. 
But this just as a side note. I am really curious why some of the 
hosts take >9 hours to complete, even though I set all the possible 
timeout parameters....


My wrapper keeps X number of processes running, so as one finishes, it 
launches another.

My nmap tools are here...
http://www.unspecific.com/.go/nmap/



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Previous By Date Next
Previous By Thread Next

Current thread: