Nmap Development mailing list archives
Re: Qscan in NSE: qscan.nse
From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 08 Apr 2010 18:30:00 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/08/2010 06:02 PM, Ron wrote:
So, I'm using qscan for the first time and it's been running 12 minutes longer than any other script so far, with absolutely no debug output. It looks like it's sequentially scanning ports and it's up to 7000 or so (I'm doing all ports). We should maybe look at how we can make this run faster, or more parallel, or only against ports that were detected as open/closed. Thoughts?
Well, it already only goes against open and/or closed ports. Lowering the delay can certainly make it faster, but could cost accuracy depending on how far you go. A problem with making it faster is that it's a timing based scan, so I'm not too fond of making it parallel across ports. We're trying to find differences in times between ports, but we could create (or also mask) this ourselves by probing many ports at once. Maybe this can be shown to not cause problems? Cheers, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJLvmb3AAoJEEQxgFs5kUfuR8EP/3ERhpDQbBASBks77/XNwq1L jVQTX2Y6EcXkRV/Nez4/ql5b5j6UXYd5dCnH0hHIqpXyCO2d3EDRVr7S8BniI5K7 nU0DOl0JtznbLvoj+I6nfLrlE+sfP6myFbOCVTj30UqSZx7clQK6uqgC6rr9Ukwl /Og9I9Qe0aPsJ8rV2VTwWXTiEuoo0tt4QYQ39DMN6pKdnly1ZGj2zB6NcYs0sH7C mVt4c6bEvJalYLx7wVOsxEYnbm+UTi+GrT+a1Ddsb1d/Ui8J1yBZIDlxNLfqGbhV AqtKI928+mCnleR6ChkotcZaxcHaXIkoyCw/ug/e2GaEdfyljqJKju1t6uYT27FS aN2Ah7h1QVVsiCXdfedQoFQgXz6jmkiw/R6yD89RGNwtsc53YKQ33JYgrz30j4BR uyA5v8c+xwKOlj6HnNctvjtXPTrqcp6gG2G8bNQjR1qVpXYHBVKRr01wGD7uQHVT Hg50b/7RttuOKoR6fAVP2BhKkjWsYkxRkRehxgMrSiDfFXelApgYC0iZgI6bUyKY R4zGhuqPFEGS60XgGRqXffsCOmF4f7o9QEv6EpZdmW6qhnfM5t9Iugm15wJ7n2m2 5PSE3dvMQYF+Lvbi1EW0qAqeOzWYudXt4TMRXLzYsQpjcZ6rhDdx9u+DdkU/DBv9 88mCX6rcAtHWC+anUIdi =qSPD -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Qscan in NSE: qscan.nse Ron (Apr 08)
- Re: Qscan in NSE: qscan.nse Brandon Enright (Apr 08)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Apr 08)
- Re: Qscan in NSE: qscan.nse Ron (Apr 08)
- Re: Qscan in NSE: qscan.nse Brandon Enright (Apr 08)
- Re: Qscan in NSE: qscan.nse Brandon Enright (Apr 08)
- Re: Qscan in NSE: qscan.nse Brandon Enright (Apr 14)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Apr 15)
- Re: Qscan in NSE: qscan.nse David Fifield (Apr 21)
- Re: Qscan in NSE: qscan.nse doug (Apr 15)