Re: question about host-timeout

[Tim Rupp <tarupp () fnal gov>]

On 02/18/2011 03:16 PM, David Fifield wrote:
> On Wed, Feb 16, 2011 at 10:19:01AM -0600, Tim Rupp wrote:
> > Hi folks,
> >
> > I had a question about the host-timeout. I have a firewall which is
> > rejecting connections, as opposed to dropping silently, and nmap is
> > timing out the scan.
> >
> > > From what I observe, it seems to me even if nmap is receiving
> > rejections, it will still time out the host. Is that the case? Or am I
> > reading that wrong.
> >
> > I guess I figured that if nmap was still receiving _something_ from the
> > host, that it would not time it out. Where as if it was receiving
> > nothing from the host, due to dropped packets, that it would then time
> > the host out.
>
> The host timeout is an absolute limit on the amount of time that will be
> spent on a host, not a limit on how long to wait without a response. If
> the timeout is too short, the host will be skipped regardless if it's
> receiving replies.
>
> One of the purposes of having a host timeout is to avoid spending too
> much time in the face of RST rate-limiting and the like, which otherwise
> can slow down a scan a lot.
>
> David Fifield

Thanks for the clarification David.

-Tim
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/