Nmap Development mailing list archives
Re: nmap-dev Digest, Vol 80, Issue 25
From: Raphael Rodrigez <plumedelezard () gmail com>
Date: Thu, 17 Nov 2011 17:12:52 +0100
2011/11/16, nmap-dev-request () insecure org <nmap-dev-request () insecure org>:
Send nmap-dev mailing list submissions to nmap-dev () insecure org To subscribe or unsubscribe via the World Wide Web, visit http://cgi.insecure.org/mailman/listinfo/nmap-dev or, via email, send a message with subject or body 'help' to nmap-dev-request () insecure org You can reach the person managing the list at nmap-dev-owner () insecure org When replying, please edit your Subject line so it is more specific than "Re: Contents of nmap-dev digest..." Today's Topics: 1. problem with max retries (jeetika kataria) 2. Re: Removal of SVN externals (Luis MartinGarcia.) 3. Re: problem with max retries (David Fifield) 4. New VA Modules: OpenVAS: 3 (New VA Module Alert Service) 5. Re: problem with max retries (jeetika kataria) ---------------------------------------------------------------------- Message: 1 Date: Wed, 16 Nov 2011 13:11:32 +0100 From: jeetika kataria <jeetika.kataria () gmail com> Subject: problem with max retries To: nmap-dev () insecure org Message-ID: <CALQt5eD8kPnb-B-rKby98gpGswa-9zX5tUpSUqWcVcwj3owcrA () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 I am doing a UDP port scan with -T4 template but i set the scan delay as 5s which is more than rtt timeout, according to this template the max retries option is set to 6 but after analyzing the scan it is seen that nmap is re transmitting a probe for each port only 2 times rather than 6. Whats the reason for this behavior of Nmap? ------------------------------ Message: 2 Date: Wed, 16 Nov 2011 13:00:40 +0000 From: "Luis MartinGarcia." <luis.mgarc () gmail com> Subject: Re: Removal of SVN externals To: David Fifield <david () bamsoftware com>, nmap-dev <nmap-dev () insecure org> Message-ID: <4EC3B3F8.10501 () gmail com> Content-Type: text/plain; charset=ISO-8859-1 On 11/15/2011 11:57 PM, David Fifield wrote:I'm about to commit a change to remove our SVN externals and replace them with real subdirectories. This is mainly aimed at making branching easier (you won't have to remember to also branch all the externals).Hi! I'd just like to say that I'm totally in favor of this change. Now it will be a lot easier to deal with branches, specially for those of us who use Git locally and then push the changes to the SVN. Thanks, David! Regards, Luis. ------------------------------ Message: 3 Date: Wed, 16 Nov 2011 09:53:14 -0800 From: David Fifield <david () bamsoftware com> Subject: Re: problem with max retries To: jeetika kataria <jeetika.kataria () gmail com> Cc: nmap-dev () insecure org Message-ID: <20111116175313.GA32321 () ignominy bamsoftware com> Content-Type: text/plain; charset=us-ascii On Wed, Nov 16, 2011 at 01:11:32PM +0100, jeetika kataria wrote:I am doing a UDP port scan with -T4 template but i set the scan delay as 5s which is more than rtt timeout, according to this template the max retries option is set to 6 but after analyzing the scan it is seen that nmap is re transmitting a probe for each port only 2 times rather than 6. Whats the reason for this behavior of Nmap?Nmap only uses all of its retires when it senses that the network is unreliable. The default is --max-retries 10, but it hardly ever sends 10 retransmissions. Sending a probe only two times is normal behavior. See this part of the man page: "The default (with no -T template) is to allow ten retransmissions. If a network seems reliable and the target hosts aren't rate limiting, Nmap usually only does one retransmission. So most target scans aren't even affected by dropping --max-retries to a low value such as three." David Fifield ------------------------------ Message: 4 Date: Wed, 16 Nov 2011 10:00:37 -0800 (PST) From: New VA Module Alert Service <postmaster () insecure org> Subject: New VA Modules: OpenVAS: 3 To: nmap-dev () insecure org Message-ID: <20111116180037.6E486B2005 () web insecure org> Content-Type: text/plain; charset="utf-8" This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == OpenVAS plugins (3) == r12126 103339 gb_sit_50632.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_sit_50632.nasl?root=openvas&view=markup Support Incident Tracker (SiT!) Multiple Input Validation Vulnerabilities r12126 103340 gb_dlguard_50650.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_dlguard_50650.nasl?root=openvas&view=markup DLGuard 'index.php' Cross Site Scripting Vulnerability r12126 103338 gb_centreon_50568.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_centreon_50568.nasl?root=openvas&view=markup Centreon 'command_name' Parameter Remote Command Execution Vulnerability ------------------------------ Message: 5 Date: Wed, 16 Nov 2011 19:05:46 +0100 From: jeetika kataria <jeetika.kataria () gmail com> Subject: Re: problem with max retries To: nmap-dev () insecure org Message-ID: <CALQt5eBNvPgB8QpD-69gDUPZOEVO-GJMwQCoN4-hp1zp8ZJ5Lg () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 Thank you for you reply. But I have one more question, if I set the scan delay more than the rtt time out value, will I get the accurate result? How will Nmap behave on this situation. On Wed, Nov 16, 2011 at 6:53 PM, David Fifield <david () bamsoftware com>wrote:On Wed, Nov 16, 2011 at 01:11:32PM +0100, jeetika kataria wrote:I am doing a UDP port scan with -T4 template but i set the scan delay as5swhich is more than rtt timeout, according to this template the maxretriesoption is set to 6 but after analyzing the scan it is seen that nmap isretransmitting a probe for each port only 2 times rather than 6. Whats the reason for this behavior of Nmap?Nmap only uses all of its retires when it senses that the network is unreliable. The default is --max-retries 10, but it hardly ever sends 10 retransmissions. Sending a probe only two times is normal behavior. See this part of the man page: "The default (with no -T template) is to allow ten retransmissions. If a network seems reliable and the target hosts aren't rate limiting, Nmap usually only does one retransmission. So most target scans aren't even affected by dropping --max-retries to a low value such as three." David Fifield------------------------------ _______________________________________________ nmap-dev mailing list nmap-dev () insecure org http://cgi.insecure.org/mailman/listinfo/nmap-dev End of nmap-dev Digest, Vol 80, Issue 25 ****************************************
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: nmap-dev Digest, Vol 80, Issue 25 Raphael Rodrigez (Nov 17)