Nmap Development mailing list archives
Re: retransmission level hit
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 24 Nov 2014 09:03:07 -0600
On Sun, Nov 23, 2014 at 10:16 AM, Mike . <dmciscobgp () hotmail com> wrote:
i looked at the source and docs on nmap and didn't see this answered. when we hit a retransmission level when scanning, i notice it says "giving up on port". in doing a large full socket scan, is there any way we could see what port is actually creating that? i understand exactly what the retransmission level is for and how it is generated. i was simply curious when it says PORT is that a general term as in "ports are dropping, increase", or did it hit an individual port. i think it would be useful for users to know what port signalled the mesg
Mike, The "giving up on port" message is gated with logic to prevent it from being printed more than once per host. There's technically nothing preventing it from mentioning which target port it is referring to, but doing so could possibly be confusing, since Nmap may give up on more than one port for the same reason, but only one message would be printed. Note that this is due to hitting the hard cap on retransmissions (default 10), though Nmap may give up on a port earlier than this if the link seems to be generally reliable. Dan
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- retransmission level hit Mike . (Nov 23)
- Re: retransmission level hit Daniel Miller (Nov 24)
- Re: retransmission level hit Royce Williams (Nov 24)
- Re: retransmission level hit Daniel Miller (Nov 24)