Re: OS Scan & Print Port Output after host timeout

[Fyodor <fyodor () insecure org>]

On Sat, Aug 10, 2002 at 04:31:31PM -0500, Johnson, Greg wrote:

> (1) After a host_timeout, could nmap be made to print port output it
>      may have accumulated?  Nmap worked so hard to get that info,
>      it's a pity to flush it away.

I'm not convinced that this is worth doing in the base Nmap
distribution for the reasons I discussed at
http://lists.insecure.org/nmap-dev/2001/Jan-Mar/0001.html .  Instead,
I am focusing on making the "slow scans" much quicker.  For example,
see the new --min_parallelism option.  I also hope to make SYN scans
against massively firewalled hosts much faster even without that
option.  Unfortunately, UDP scans against certain hosts may always
take many hours due to problems like 1-icmp-unreach/second
limitations.  But at some point I may parallelize the scans of
multiple hosts.  24 hours per 50 machines still kinda sucks, but it is
far better than 24 hours per machine!

I also want Nmap to give more feedback about progress on a certain
host (with suitable verbosity (-v) level).

> (2) I'd also like after a host_timeout, for nmap to try an os_scan
>     if -O was requested.  Slashing from osscan.c 28 lines that deal
>     with global timeout gets me what I want.  Is it safe to presume

I dunno ... then I'm sure to get from complaints from people who want
host_timeout to really mean "timeout the host afte the given amount of
time".  As you noted, it is easy to make these sorts of changes to
your personal version of Nmap.  Woohoo for open source!

> (3) Finally, I'd like a SIGHUP to cause nmap to persevere as above:
>     do any os_scan, print port output, and continue with any
>     subsequent host.  That requires a little restructuring nmap.c.

Interesting idea.

Cheers,
Fyodor

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).