Nmap Development mailing list archives
Re: Qscan in NSE: qscan.nse
From: Ron <ron () skullsecurity net>
Date: Thu, 8 Apr 2010 18:33:47 -0500
On Thu, 08 Apr 2010 18:30:00 -0500 Kris Katterjohn
Well, it already only goes against open and/or closed ports.
Hmm, I thought the host I was scanning had all filtered ports (except a few), but I'll have to validate. Perhaps we should only check common ports (maybe top 1000?) by default?
Lowering the delay can certainly make it faster, but could cost accuracy depending on how far you go. A problem with making it faster is that it's a timing based scan, so I'm not too fond of making it parallel across ports. We're trying to find differences in times between ports, but we could create (or also mask) this ourselves by probing many ports at once. Maybe this can be shown to not cause problems?
Agreed. I don't want to sacrifice accuracy, I'd like to find some middle ground, though. -- Ron Bowes http://www.skullsecurity.org http://www.twitter.com/iagox86
Attachment:
_bin
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Qscan in NSE: qscan.nse Ron (Apr 08)
- Re: Qscan in NSE: qscan.nse Brandon Enright (Apr 08)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Apr 08)
- Re: Qscan in NSE: qscan.nse Ron (Apr 08)
- Re: Qscan in NSE: qscan.nse Brandon Enright (Apr 08)
- Re: Qscan in NSE: qscan.nse Brandon Enright (Apr 08)
- Re: Qscan in NSE: qscan.nse Brandon Enright (Apr 14)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Apr 15)
- Re: Qscan in NSE: qscan.nse David Fifield (Apr 21)
- Re: Qscan in NSE: qscan.nse doug (Apr 15)