Re: Nmap 4.21ALPHA4 DNS resolve timeout

[Henrik Zagerholm <henke () mac se>]

26 jun 2007 kl. 13:14 skrev Eddie Bell:

> On 26/06/07, Henrik Zagerholm <henke () mac se> wrote:
> > Sorry for being unclear but the output from my ruby script example is
> > regexped so it doesn't return the same input.
> > The bottom line is that my script is almsot 10 times faster than a
> > single nmap call.
> > How can that be.
>
> Ah sorry, I misread your email, you do -sP both times. The results are
> strange, perhaps it is something to do with being on a private
> network. Have you tried the same thing on a public network?
No I haven't but as this network is using Windows DNS it might be  
better testing against a public bind or similar server.
I don't know much about the nmap internals but can it have something  
to do that the DNS server try to prevent overloading and therefore  
handles single request with many IPs differently than multiple requests?
> > Question number 2 is that if I do  nmap -sL 10.0.0.5 and that IP
> > doesn't have an entry in the DNS that call takes about 15 seconds.
> > How can I set a timeout on this?
>
> The DNS timeouts do not look like they not related to any command line
> argument, instead they are defined in nmap_dns.c along with a group of
> other performance parameters.  If you are desperate to improve the
> speed you could edit these values but you may sacrifice reliability.

Ahh ok, then I might use nslookup or dig in which I can set timeouts.
Would be nice though if I could control it from the command line. I'm  
aware of the reliability issue when tampering with timeouts =)

Thanks for your input!

cheers,
henrik
> - eddie
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org