Re: Warning message enhancement idea

[Chris Clements <cclements () flatearth net>]

David,

Thanks!  This will be very helpful.  Gave it a try last night.  Seems  
to work well.


Chris Clements


On Nov 16, 2009, at 11:35 AM, David Fifield wrote:

> On Fri, Nov 06, 2009 at 04:37:19PM -0600, Chris Clements wrote:
> > Often times with slow links or comically overzealous scan tuning,  
> nmap
> > informs me that it is giving up on a particular port:
> >
> > Warning: Giving up on port early because of retransmission cap hit.
> >
> > While getting this message is fantastic for knowing that I should  
> adjust
> > my timings, it would be much more useful if it included a bit more
> > information, such as the particular host / port, as well as the
> > retransmission cap for the scan (yes I should know this from my own
> > command switches, but they might be out of my scroll buffer by the  
> time
> > the warning occurs). I'm thinking this would help single out an
> > unusually slow host or application if the rest of the systems were
> > responding in a timely fashion. Just an idea I had- thanks for  
> such a
> > great tool!
>
> Hi Chris. This message was being printed only once per hostgroup, so  
> if
> multiple ports or multiple hosts were hitting the retransmission  
> limit,
> you would only see it once. However there was a comment in the code
> saying that perhaps it should be printed once per host instead. So I
> took the liberty of doing so. Now the message looks like
>
> Warning: 64.13.134.52 giving up on port because retransmission cap  
> hit (0).
>
> That's when running with --max-retries 0. I decided to leave out the
> port number because, as the message is printed only once per host,  
> there
> may not be anything special about the first port to reach the limit.
>
> David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/