Nmap Development mailing list archives
Re: Nmap SoC Ideas?
From: Fyodor <fyodor () insecure org>
Date: Sun, 21 Mar 2010 18:21:32 -0700
On Sun, Mar 14, 2010 at 11:15:03PM +1100, Chip Panarchy wrote:
Progress status bar &/or estimated time of scan completion
I think this is an excellent idea. Nmap used to give basically no feedback during a scan. Eventually we added occasional status messages and later still we the runtime interaction feature where you can request a status by pressing enter at any time. Users really loved this ability (especially when it was on demand) to get a better idea of what Nmap was doing and when it would be done. But the status messages are far from perfect. For example, I just ran this scan: # nmap -v -T4 -A -iR 5000 When I press <enter>, I get a message like this: Stats: 0:04:46 elapsed; 879 hosts completed (64 up), 64 undergoing SYN Stealth Scan SYN Stealth Scan Timing: About 1.74% done; ETC: 18:20 (0:24:29 remaining) That explains a bit about what Nmap is doing now and when it will complete the CURRENT TASK (SYN scan against a group of 64 hosts), but it isn't very helpful for figuring out when the whole scan will complete. It says "879 hosts completed" (even though we're only for minutes in) because it was able to exclude those during the ping scan phase. So assuming the rate of 3 host completions per second would be a big mistake. But even if you assumed that, you don't know from the status message how many hosts will be scanned (admittedly this information can be a pain for Nmap to calculate in some cases). You know when the SYN scan is estimated to complete against those 64 hosts, but you don't know from the status that version detection, OS detection, and NSE will come next, or how long those will take. I think a key value people would like to see is "when will Nmap completely finish the whole scan I asked for" rather than just "when will the current scan phase end for the current subset of scan targets". Admittedly the "whole scan time estimate" is a harder problem for numerous reasons, but we should at least look at what we can do to approximate that. After better stats are incorporated into Nmap, we could look at exposing them with Zenmap (beyond just in the scan output window). Right now Zenmap just has a throbber which tells you that the scan is going (and the UI is not frozen). Nessus used to have a fake progress bar which always went at the same speed (slowing down continually to ensure it never actually reached the end until the task was done and it would jump right to the end). But we could potentially have a real status notification explaining what Nmap is doing, when it will be done with the whole scan, etc. Of course providing these stats isn't enough--they have to be accurate. I actually think Nmap currently does pretty well (much better than it used to) in that regard. I believe that is due to David's handywork. For example, 16 minutes after the status message above I get: Stats: 0:20:46 elapsed; 879 hosts completed (64 up), 64 undergoing SYN Stealth Scan SYN Stealth Scan Timing: About 69.02% done; ETC: 18:19 (0:07:23 remaining) As you can see, the estimated time of completion (ETC) has only changed from 18:20 to 18:19 in those 16 minutes of scanning. I adding a TODO list item to think more about how Nmap status messages can be improved. If anyone else has ideas, send 'em in! Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Nmap SoC Ideas?, (continued)
- Re: Nmap SoC Ideas? Patrik Karlsson (Mar 22)
- Re: Nmap SoC Ideas? Djalal Harouni (Mar 22)
- Re: Nmap SoC Ideas? ithilgore (Mar 24)
- Re: Nmap SoC Ideas? Daniel Roethlisberger (Mar 14)
- Re: Nmap SoC Ideas? Chip Panarchy (Mar 14)
- Re: Nmap SoC Ideas? Ron (Mar 14)
- Re: Nmap SoC Ideas? Interactivity/phase cancellation David Fifield (Mar 14)
- Re: Nmap SoC Ideas? Interactivity/phase cancellation Patrick Donnelly (Mar 14)
- RE: Nmap SoC Ideas? Dario Ciccarone (dciccaro) (Mar 15)
- Re: Nmap SoC Ideas? Fyodor (Mar 15)
- Re: Nmap SoC Ideas? Chip Panarchy (Mar 14)
- Re: Nmap SoC Ideas? Fyodor (Mar 21)
- Re: Nmap SoC Ideas? (progress estimates) David Fifield (Mar 21)
- Re: Nmap SoC Ideas? (progress estimates) Ron (Mar 21)
- Re: Nmap SoC Ideas? Fyodor (Mar 14)
- Re: Nmap SoC Ideas? Kris Katterjohn (Mar 15)
- Re: Nmap SoC Ideas? Michael Pattrick (Mar 15)
- Re: Nmap SoC Ideas? David Fifield (Mar 17)