Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: nmap questions

From: Pho Man <ph0k1n () yahoo com>
Date: Fri, 4 Jun 2004 16:57:42 -0700 (PDT)
Hi Steven,

I am not 100% sure, but I think this tends to happen
when the target machine(s) don't have enough UDP ports
open.  As to how to fix that, I couldn't say.  But
that's been my experience with NMap typically.

Hope that helps.  :)

--Pho

--- "Steven A. Fletcher" <sfletcher () integrityts com>
wrote:

I'm not sure if this is the right place to ask this
or not, but I
thought I would give it a try.

I have run into an interesting problem when trying
to UDP port scans
with nmap.  TCP SYN scans work fine, but if I try
doing a UDP scan, it
comes back with "Too many drops ... increasing
senddelay" numerous times
in a row.  It does seem that if I leave the scan
running long enough, it
eventually completes the scan.  On a very small
network, this is not a
problem.  However, on larger networks, I do not wish
to wait that long.
Also, it happens on an internal network, so the
problem does not appear
to be that the hosts are behind a firewall.

I have been trying to do what I can to have the scan
finish in a fairly
reasonable amount of time, so I was hoping to
improve the performance,
if possible.  A Google search returned nothing
helpful, so that is why I
am trying here.

Just in case it is needed, here is the command line
I am using:

              nmap -sS -sU -O -v -oA test -T3 -F
--min_parallelism 100
192.168.1.0/24

Also, the machine is running MandrakeLinux 9.2 and
kernel version
2.4.26.

Any help is greatly appreciated.

Steve Fletcher
Senior Network Engineer, MCSE, Master ASE, CCNA
Integrity Technology Solutions
Phone: (309)664-8129
Toll Free: (888) 764-8100 ext. 129
Fax: (309) 662-6421
sfletcher () integrityts com




---------------------------------------------------------------------------

Ethical Hacking at the InfoSec Institute. Mention
this ad and get $545 off
any course! All of our class sizes are guaranteed to
be 10 students or less
to facilitate one-on-one interaction with one of our
expert instructors.
Attend a course taught by an expert instructor with
years of in-the-field
pen testing experience in our state of the art
hacking lab. Master the skills
of an Ethical Hacker to better assess the security
of your organization.
Visit us at:


http://www.infosecinstitute.com/courses/ethical_hacking_training.html



----------------------------------------------------------------------------






        
                
__________________________________
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/ 

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: