Nmap Development mailing list archives

Re: problem with max retries


From: David Fifield <david () bamsoftware com>
Date: Wed, 16 Nov 2011 09:53:14 -0800

On Wed, Nov 16, 2011 at 01:11:32PM +0100, jeetika kataria wrote:
I am doing a UDP port scan with -T4 template but I set the scan delay as 5s
which is more than rtt timeout, according to this template the max retries
option is set to 6 but after analyzing the scan it is seen that nmap is
retransmitting a probe for each port only 2 times rather than 6. What's the
reason for this behavior of Nmap?

Nmap only uses all of its retries when it senses that the network is
unreliable. The default is --max-retries 10, but it hardly ever sends 10
retransmissions. Sending a probe only two times is normal behavior. See
this part of the man page:

        "The default (with no -T template) is to allow ten
        retransmissions. If a network seems reliable and the target
        hosts aren't rate limiting, Nmap usually only does one
        retransmission. So most target scans aren't even affected by
        dropping --max-retries to a low value such as three."

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
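
The behaviour discussed in this thread, as an added example that is not part of the original messages and is not Nmap's code: a simplified, sequential model in which the retransmission allowance grows only after a retransmission has drawn a response. The function name, the sample ports, the loss pattern and the growth rule (one more than the highest answered retransmission, at least 1, capped by the max-retries value) are assumptions of this sketch.

```python
# Added illustration: simplified sequential model of an adaptive retry allowance.
# Not Nmap source code. Assumed rule: allowance = highest retransmission number
# that ever drew a response + 1, at least 1, capped by max_retries.

def simulate_host(ports, answering, max_retries, dropped=lambda port, tryno: False):
    """Return {port: transmissions sent} for one host.

    ports       -- ports probed, in order
    answering   -- ports that reply when a probe gets through (e.g. closed UDP
                   ports answering with ICMP port unreachable); the rest stay silent
    max_retries -- user cap on retransmissions per port (like --max-retries)
    dropped     -- constructed loss model: True if that probe or its reply is lost
    """
    max_successful_tryno = 0      # highest retransmission number ever answered
    sent = {}
    for port in ports:
        tryno = 0                 # 0 = original probe, 1 = first retransmission
        while True:
            sent[port] = tryno + 1
            if port in answering and not dropped(port, tryno):
                max_successful_tryno = max(max_successful_tryno, tryno)
                break
            allowed = min(max_retries, max(1, max_successful_tryno + 1))
            if tryno >= allowed:
                break             # allowance used up: stop probing this port
            tryno += 1
    return sent

PORTS = list(range(1, 11))        # constructed sample: ten ports
ANSWERING = {1, 2, 3}             # constructed: three ports that reply

# Reliable network: silent ports get the probe plus one retransmission, whether
# the cap is 6 (the -T4 value cited in the thread) or 10 (the default).
reliable_t4 = simulate_host(PORTS, ANSWERING, max_retries=6)
reliable_default = simulate_host(PORTS, ANSWERING, max_retries=10)

# Lossy network (constructed): port 1 answers only retransmission 1 and
# port 2 only retransmission 2, so the allowance grows to 3.
LOST = {(1, 0), (2, 0), (2, 1)}
lossy = simulate_host(PORTS, ANSWERING, 6, lambda p, t: (p, t) in LOST)
lossy_capped = simulate_host(PORTS, ANSWERING, 2, lambda p, t: (p, t) in LOST)

if __name__ == "__main__":
    for name, result in [("reliable, cap 6", reliable_t4), ("lossy, cap 6", lossy),
                         ("lossy, cap 2", lossy_capped)]:
        print(name, result)
```

In this model the cap only changes the outcome once loss has pushed the allowance up to it, which is why lowering the cap makes no difference on a reliable network.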

