Slow name-resolution of very large target list

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All,

I have a very large list (millions) of machines by name that I want to
scan on a port using -iL.  I've done this before with millions of
IP addresses and had no trouble but as names the targets are resolving
extremely slowly.

Here is the command I'm using:

nmap -iL host-list.txt -n -v -d -T5 -P0 --randomize-hosts -p <port> -sV -oA host-scan

And here is a short excerpt of the host list:

historycy.pl
historydata.com
historyday.crf-usa.org
historydoc.edu.ru
historyexam.hit.bg
historyforkids.utah.gov
historyfromthesea.net
historyhunters.coolasmustard.com
historyhuntersinternational.org
historyillinois.org

I've had the scan going for ~16 hours and only 40,000 hosts have been
scanned.  It appears as though 99% of the time is spent resolving
target names.

I've tried the scan from another network that has access to many very
fast local DNS servers and have specified them with --dns-servers but
that didn't seem to make any noticeable difference.

I tried adjusting these parameters in nmap_dns.cc:

#define CAPACITY_MIN 10
#define CAPACITY_MAX 200
#define CAPACITY_UP_STEP 2

but they didn't seem to have any noticeable effect either.

Does anyone have any ideas for how I can go about troubleshooting this
or speeding up name resolution?

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkg1Hc8ACgkQqaGPzAsl94JZxwCgi+GLHW61BqjPWow7fC8GqEsX
j1kAnj8+mDHmVmvbvckCjKCJQpJxxO2C
=njXv
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org