Nmap Development mailing list archives
Re: -Pn, should I use it or not?
From: Jacek Wielemborek <d33tah () gmail com>
Date: Fri, 27 Mar 2015 01:26:23 +0100
On 27.03.2015 at 00:29, Hongyi Zhao wrote:
> Hi all,
>
> When I do a port scan with the following parameters:
>
> nmap -T4 -n -p60088 --max-retries 1 --script "+socks-open-proxy and not http-*" 50.57.77.252
>
> Should I also add the -Pn switch to it or not? I mean, taking the results' correctness and efficiency into account, should I add it or not?
>
> Any hints?
>
> Regards
(note that it's late here and I'm a bit sleepy)

If you know that the host is up, it's pointless. Without -Pn, Nmap by default does "-PE -PS443 -PA80 -PP" and an ARP ping if possible. This means a SYN to port 80, an ACK to 443, ICMP echo and address mask query. If all of them fail, you'd get a false negative.

The script wouldn't run without a port open anyway, so I don't think there's any gain to not using -Pn in your case.