Re: nmap scanning techniques and execution privileges

[Guillaume Rousse <guillomovitch () gmail com>]

Le 21/12/2011 19:57, Brahim Sakka a écrit :
> > So, how does the first nmap command, run as standard user without ICMP
> > optimisation, complete in just one hour, while the same command run as
> > root is more than 10 times slower ?
> You said it. The "enhanced" version of the command will scan every
> single host, while the first/second one only scanned these hosts that
> replied to ICMP requests. You do the math :-)
So how does nmap, when run as user without raw socket privileges, manage 
to scan the same IP range in reasonable time, despite being unable to 
optimize its run by using ICMP probes ? That's the curious part here.

> > Also, if I can't have a magic set of options to discover all the running
> > servers in a single run, is there any way to merge results from two
> > different scans ?
> Try importing both results in Zenmap.
Well, I don't need to visualize them myself, I need to produce 
consolidated outputs for others to visualize them.

--
BOFH excuse #365:

parallel processors running perpendicular today
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/