Nmap Announce mailing list archives
Re: Safe scanning
From: "Alek O. Komarnitsky" <alek () ast lmco com>
Date: Tue, 21 Mar 2000 18:49:08 -0700 (MST)
I kinda started this thread when I mentioned that it appeared I knocked down a couple of machines w/nmap. I posted a summary of my findings a few days ago, but in a nutshell, I applied a patch, turned off a few services in inetd, and changed my nmap options FROM/TO: FROM: -p "list-of-ports" --initial_rtt_timeout 300 --host_timeout 5000 TO: -p "list of ports" --initial_rtt_timeout 500 --host_timeout 15000 -sT Note that I'm doing this because I prefer my web interface to return the results PDQ which is more important to me than total completeness. My guess would be some half-open connections were left open because of the agressive timeouts and that confused a few machines. There were a few people that wrote to me saying nmap had clobbered a few "weak" IP stacks - one person said they had to buy lots of beer to make up for it! ;-) I'm in no way "disparaging" nmap (GREAT tool!) ... just letting folks know my experiences. Since I've done the things above, I've hammered the crap out of a few dozen Solaris & HP-UX hosts and have had no problems. alek
Current thread:
- Safe scanning Teolicy (Mar 21)
- Re: Safe scanning andy lowton (Mar 21)
- Re: Safe scanning Bruce Fraser (Mar 21)
- <Possible follow-ups>
- Re: Safe scanning Jonathan Day (Mar 21)
- Re: Safe scanning Alek O. Komarnitsky (Mar 21)
- Re: Safe scanning James D. Watson (Mar 21)