Nmap Announce mailing list archives

Re: Safe scanning


From: "Alek O. Komarnitsky" <alek () ast lmco com>
Date: Tue, 21 Mar 2000 18:49:08 -0700 (MST)

I kinda started this thread when I mentioned that it appeared I knocked down 
a couple of machines w/nmap. I posted a summary of my findings a few days ago,
but in a nutshell, I applied a patch, turned off a few services in inetd,
and changed my nmap options FROM/TO:
   FROM:  -p "list-of-ports" --initial_rtt_timeout 300 --host_timeout 5000
   TO:    -p "list of ports" --initial_rtt_timeout 500 --host_timeout 15000 -sT
Note that I'm doing this because I prefer my web interface to return
the results PDQ which is more important to me than total completeness.

My guess would be some half-open connections were left open because of
the aggressive timeouts and that confused a few machines. There were a
few people that wrote to me saying nmap had clobbered a few "weak" IP
stacks - one person said they had to buy lots of beer to make up for it!   ;-)

I'm in no way "disparaging" nmap (GREAT tool!) ... just letting folks
know my experiences. Since I've done the things above, I've hammered the
crap out of a few dozen Solaris & HP-UX hosts and have had no problems.

alek

