Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: problem with max retries

From: jeetika kataria <jeetika.kataria () gmail com>
Date: Wed, 16 Nov 2011 19:05:46 +0100
Thank you for you reply. But I have one more question, if I set the scan
delay more than the rtt time out value, will I get the accurate result? How
will Nmap behave on this situation.

On Wed, Nov 16, 2011 at 6:53 PM, David Fifield <david () bamsoftware com>wrote:


On Wed, Nov 16, 2011 at 01:11:32PM +0100, jeetika kataria wrote:

I am doing a UDP port scan with -T4 template but i set the scan delay as

5s

which is more than rtt timeout, according to this template the max

retries

option is set to 6 but after analyzing the scan it is seen that nmap is

re

transmitting a probe for each port only 2 times rather than 6. Whats the
reason for this behavior of Nmap?


Nmap only uses all of its retires when it senses that the network is
unreliable. The default is --max-retries 10, but it hardly ever sends 10
retransmissions. Sending a probe only two times is normal behavior. See
this part of the man page:

       "The default (with no -T template) is to allow ten
       retransmissions. If a network seems reliable and the target
       hosts aren't rate limiting, Nmap usually only does one
       retransmission. So most target scans aren't even affected by
       dropping --max-retries to a low value such as three."

David Fifield


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: