Nmap Announce mailing list archives
Re: Improving nmap performance
From: Lance Spitzner <lance () honeynet org>
Date: Fri, 30 Aug 2002 10:51:54 -0500 (CDT)
On Fri, 30 Aug 2002, Brad Powell wrote:
Not sure if this is commonly known, however I wanted to share something I've learned with nmap. As part of my job, I often do a great deal of scanning of firewalls, or scanning through firewalls. This can be VERY TIME consuming, as you get no response for each probe, a full scan (all 65000+ ports) of a firewall used to average me 3200 seconds. While teaching a class we were able to DRAMATCALLY reduce this for TCP scans to average 840 seconds. Using the following command line options --max_rtt_timeout 50 --max-parallelism 100Kewl, -BUT- is this also using "-p-" otherwise your -not- checking all the ports, only the "known" ones. I'd still expect to see vast speed improvments, but maybe not as great as those quoted.
Brad asks an AWESOME question! I forgot to say we got average scans of 840 seconds scanning ALL 65000+ ports with the tweaks above. All seven of our laptops that scanned the firewall, and through the firewall, found all the open and accessible ports, so we did not have any dropped packets from any of the clients. Note: this was one specific test incident in a closed, lab environment. Your mileage may vary :) lance -------------------------------------------------- For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- Improving nmap performance Lance Spitzner (Aug 29)
- RE: Improving nmap performance Gang Xu (Aug 30)
- Re: Improving nmap performance Lamont Granquist (Aug 30)
- <Possible follow-ups>
- Re: Improving nmap performance Lance Spitzner (Aug 30)
- Re: Improving nmap performance Stu Green (Aug 30)