Nmap Development mailing list archives
Re: FW: Bug in default ZENMAP GUI
From: David Fifield <david () bamsoftware com>
Date: Fri, 19 Feb 2010 10:21:18 -0700
On Mon, Jan 25, 2010 at 10:55:19PM -0800, Fyodor wrote:
On Fri, Jan 22, 2010 at 06:36:58PM -0700, David Fifield wrote:The default scan ("Intense scan") is nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389We picked this in August '08 [1] back when we only did 2 host discovery probes by default. But roughly a year later we expanded the default to four probes, so maybe we should remove all these ugly discovery options from the default now? They could also be removed from the many other shipped-by-default profiles which include them. This would leave the default profile as "nmap -T4 -A -v -PE [targets]". One exception is that we should probably leave enhanced discovery in the 'Slow comprehensive scan' profile, but we should check David's discovery research stats to ensure the choices are optimal.
Yes, that's a good idea. I just checked that in for the profiles that used -PE -PS22,25,80 -PA21,23,80,3389. Slow comprehensive scan ping is -PE -PP -PS21,22,23,25,80,113,31339 -PA80,113,443,10042 -PO That sends 14 ping probes. The highest number of probes for which I found a proven optimal result was 7, with -PO1 -PS80,443 -PA3389 -PP -PU40125 -PY --source-port 53 The 7-probe combination found 93.65% of available hosts. (Compare that to 87.74% for the 4 probes we use now.) I have lower bounds for 8- and 9-probe combinations, which are 94.71% and 94.98% respectively. Unfortunately I don't still have the scan files from the ping probe survey, otherwise I could calculate its effectiveness directly. What do you want to do with the Slow comprehensive scan, change it to the best 7-probe combination? For these results I'm referring to http://www.bamsoftware.com/wiki/Nmap/EffectivenessOfPingProbes, under "Exclusion of ACK-filtered host". David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- FW: Bug in default ZENMAP GUI Mick Alvey (Jan 22)
- Re: FW: Bug in default ZENMAP GUI David Fifield (Jan 22)
- Re: FW: Bug in default ZENMAP GUI Fyodor (Jan 25)
- Re: FW: Bug in default ZENMAP GUI David Fifield (Feb 19)
- Re: FW: Bug in default ZENMAP GUI Fyodor (Feb 19)
- Re: FW: Bug in default ZENMAP GUI Fyodor (Jan 25)
- Re: FW: Bug in default ZENMAP GUI David Fifield (Jan 22)