nmap on a scan server

[Juergen Schmidt <ju () ct heise de>]

Hello,

we are thinking about setting up a public self scan service. Of cause we
want to do the scans with nmap. We are planning to start the scans via ssh
on a dedicated machine to seperate this from the web server.

As we are expecting a huge load (especially in
the peaks) we need to make this as fast as possible. We are talking
about hundreds if not thousands of parallel scan requests.

Does anybody has experience with this kind of load?

Any kind of information is appreciated, especially:

Is it possible, to run many nmap instances in parallel?
Are there known limits?
Anybody with experience on running 100 nmap instances on one machine?

Do I have to expect weird results because of incoming packets not
delivered to the right nmap instance?

What are good timing options for a TCP Syn scan on port 1-1024, that
should be reliable *and* fast?

Is it making sense to start nmap directly via ssh or is it better, to have
a perl script as a wrapper on the scan machine?

bye, ju

PS: Accidently I sent this message first to nmap-hackers, because I
subscribed to this list ages ago and didn't realize, that it became
moderated in the meantime: So if the moderator is reading this: please
ignore my first mail ;-)

-- 
Juergen Schmidt   Leitender Redakteur/senior editor  c't magazin
Heise Zeitschriften Verlag,  Helstorferstr. 7,  D-30625 Hannover
Tel. +49 511 5352 300 FAX +49 511 5352 417  EMail ju () ct heise de



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).