Re: nmap-dev Digest, Vol 80, Issue 25

[Raphael Rodrigez <plumedelezard () gmail com>]

2011/11/16, nmap-dev-request () insecure org <nmap-dev-request () insecure org>:
> Send nmap-dev mailing list submissions to
>       nmap-dev () insecure org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>       http://cgi.insecure.org/mailman/listinfo/nmap-dev
> or, via email, send a message with subject or body 'help' to
>       nmap-dev-request () insecure org
>
> You can reach the person managing the list at
>       nmap-dev-owner () insecure org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of nmap-dev digest..."
>
>
> Today's Topics:
>
>    1. problem with max retries (jeetika kataria)
>    2. Re: Removal of SVN externals (Luis MartinGarcia.)
>    3. Re: problem with max retries (David Fifield)
>    4. New VA Modules: OpenVAS: 3 (New VA Module Alert Service)
>    5. Re: problem with max retries (jeetika kataria)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 16 Nov 2011 13:11:32 +0100
> From: jeetika kataria <jeetika.kataria () gmail com>
> Subject: problem with max retries
> To: nmap-dev () insecure org
> Message-ID:
>       <CALQt5eD8kPnb-B-rKby98gpGswa-9zX5tUpSUqWcVcwj3owcrA () mail gmail com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> I am doing a UDP port scan with -T4 template but i set the scan delay as 5s
> which is more than rtt timeout, according to this template the max retries
> option is set to 6 but after analyzing the scan it is seen that nmap is re
> transmitting a probe for each port only 2 times rather than 6. Whats the
> reason for this behavior of Nmap?
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 16 Nov 2011 13:00:40 +0000
> From: "Luis MartinGarcia." <luis.mgarc () gmail com>
> Subject: Re: Removal of SVN externals
> To: David Fifield <david () bamsoftware com>,  nmap-dev
>       <nmap-dev () insecure org>
> Message-ID: <4EC3B3F8.10501 () gmail com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 11/15/2011 11:57 PM, David Fifield wrote:
> > I'm about to commit a change to remove our SVN externals and replace
> > them with real subdirectories. This is mainly aimed at making branching
> > easier (you won't have to remember to also branch all the externals).
>
> Hi!
>
> I'd just like to say that I'm totally in favor of this change. Now it
> will be a lot easier to deal with branches, specially for those of us
> who use Git locally and then push the changes to the SVN.
>
> Thanks, David!
>
> Regards,
>
> Luis.
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 16 Nov 2011 09:53:14 -0800
> From: David Fifield <david () bamsoftware com>
> Subject: Re: problem with max retries
> To: jeetika kataria <jeetika.kataria () gmail com>
> Cc: nmap-dev () insecure org
> Message-ID: <20111116175313.GA32321 () ignominy bamsoftware com>
> Content-Type: text/plain; charset=us-ascii
>
> On Wed, Nov 16, 2011 at 01:11:32PM +0100, jeetika kataria wrote:
> > I am doing a UDP port scan with -T4 template but i set the scan delay as
> > 5s
> > which is more than rtt timeout, according to this template the max retries
> > option is set to 6 but after analyzing the scan it is seen that nmap is re
> > transmitting a probe for each port only 2 times rather than 6. Whats the
> > reason for this behavior of Nmap?
>
> Nmap only uses all of its retires when it senses that the network is
> unreliable. The default is --max-retries 10, but it hardly ever sends 10
> retransmissions. Sending a probe only two times is normal behavior. See
> this part of the man page:
>
>       "The default (with no -T template) is to allow ten
>       retransmissions. If a network seems reliable and the target
>       hosts aren't rate limiting, Nmap usually only does one
>       retransmission. So most target scans aren't even affected by
>       dropping --max-retries to a low value such as three."
>
> David Fifield
>
>
> ------------------------------
>
> Message: 4
> Date: Wed, 16 Nov 2011 10:00:37 -0800 (PST)
> From: New VA Module Alert Service <postmaster () insecure org>
> Subject: New VA Modules: OpenVAS: 3
> To: nmap-dev () insecure org
> Message-ID: <20111116180037.6E486B2005 () web insecure org>
> Content-Type: text/plain; charset="utf-8"
>
> This report describes any new scripts/modules/exploits added to Nmap,
> OpenVAS, Metasploit, and Nessus since yesterday.
>
> == OpenVAS plugins (3) ==
>
> r12126 103339 gb_sit_50632.nasl
> http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_sit_50632.nasl?root=openvas&view=markup
> Support Incident Tracker (SiT!) Multiple Input Validation
> Vulnerabilities
>
> r12126 103340 gb_dlguard_50650.nasl
> http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_dlguard_50650.nasl?root=openvas&view=markup
> DLGuard 'index.php' Cross Site Scripting Vulnerability
>
> r12126 103338 gb_centreon_50568.nasl
> http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_centreon_50568.nasl?root=openvas&view=markup
> Centreon 'command_name' Parameter Remote Command Execution Vulnerability
>
> ------------------------------
>
> Message: 5
> Date: Wed, 16 Nov 2011 19:05:46 +0100
> From: jeetika kataria <jeetika.kataria () gmail com>
> Subject: Re: problem with max retries
> To: nmap-dev () insecure org
> Message-ID:
>       <CALQt5eBNvPgB8QpD-69gDUPZOEVO-GJMwQCoN4-hp1zp8ZJ5Lg () mail gmail com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Thank you for you reply. But I have one more question, if I set the scan
> delay more than the rtt time out value, will I get the accurate result? How
> will Nmap behave on this situation.
>
> On Wed, Nov 16, 2011 at 6:53 PM, David Fifield <david () bamsoftware com>wrote:
>
> > On Wed, Nov 16, 2011 at 01:11:32PM +0100, jeetika kataria wrote:
> > > I am doing a UDP port scan with -T4 template but i set the scan delay as
> > 5s
> > > which is more than rtt timeout, according to this template the max
> > retries
> > > option is set to 6 but after analyzing the scan it is seen that nmap is
> > re
> > > transmitting a probe for each port only 2 times rather than 6. Whats the
> > > reason for this behavior of Nmap?
> >
> > Nmap only uses all of its retires when it senses that the network is
> > unreliable. The default is --max-retries 10, but it hardly ever sends 10
> > retransmissions. Sending a probe only two times is normal behavior. See
> > this part of the man page:
> >
> >        "The default (with no -T template) is to allow ten
> >        retransmissions. If a network seems reliable and the target
> >        hosts aren't rate limiting, Nmap usually only does one
> >        retransmission. So most target scans aren't even affected by
> >        dropping --max-retries to a low value such as three."
> >
> > David Fifield
>
>
> ------------------------------
>
> _______________________________________________
> nmap-dev mailing list
> nmap-dev () insecure org
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
>
>
> End of nmap-dev Digest, Vol 80, Issue 25
> ****************************************
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/