Penetration Testing mailing list archives
RE: Nmap scanning speed
From: "Tate Hansen" <tate () ClearNetSec com>
Date: Fri, 11 Nov 2005 20:15:46 -0700
I think the answer is no. We had new quad dual core opteron systems w/16GB of RAM (~$35k each) running 8 unique nmap processes, with the following options: /usr/local/bin/nmap -vv -sS -P0 -p 1-65535 -n --min_hostgroup 100 --max_rtt_timeout 1250 --min_parallelism 100 <a_/24_block> We were scanning a /16, but broke the nmaps down on /24 blocks. All the parallel nmap "services" scans (1668 ports) worked fine (~40 hours to complete the /16 using options above). When doing a 65k TCP port scan, the systems start off fast but quickly slow down. Each nmap became very memory hungry (consuming 1.2Gbytes per process). After 30+ hours or so, we were only pushing ~550 packets/s. These systems are running SuSE Linux Enterprise Server 9 (x86_64); all defaults and running nmap version 3.93. I think the alternatives are better for large port scanning efforts (unicorn or scanrand), unless you are simply performing a services scan or something comparable. -Tate Tate Hansen ClearNet Security -----Original Message----- From: Trent () yahoo co uk [mailto:Trent () yahoo co uk] Sent: Thursday, November 10, 2005 12:13 PM To: pen-test () securityfocus com Subject: Nmap scanning speed I have to scan a large network. is it possible to get good port scanning speed of over 700 ports per second from nmap? if so what is the kind of hardware required? hsa thank you in advance ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Nmap scanning speed Trent (Nov 10)
- Re: Nmap scanning speed Justin (Nov 11)
- Re: Nmap scanning speed ilaiy (Nov 11)
- Re: Nmap scanning speed Chris Moody (Nov 21)
- RE: Nmap scanning speed Tate Hansen (Nov 13)
- Re: Nmap scanning speed robert (Nov 15)
- RE: Nmap scanning speed Tony Carter (Nov 15)
- <Possible follow-ups>
- Re: Nmap scanning speed annika2002 (Nov 14)
- Re: Nmap scanning speed jgervacio (Nov 15)
- RE: Nmap scanning speed Chris Fahey (Nov 21)
- Re: Re: Nmap scanning speed tarunthenut (Nov 25)