Re: retransmission level hit

[Daniel Miller <bonsaiviking () gmail com>]

On Sun, Nov 23, 2014 at 10:16 AM, Mike . <dmciscobgp () hotmail com> wrote:

> i looked at the source and docs on nmap and didn't see this answered. when
> we hit a retransmission level when scanning, i notice it says "giving up on
> port". in doing a large full socket scan, is there any way we could see
> what port is actually creating that? i understand exactly what the
> retransmission level is for and how it is generated. i was simply curious
> when it says PORT is that a general term as in "ports are dropping,
> increase", or did it hit an individual port. i think it would be useful for
> users to know what port signalled the mesg

Mike,

The "giving up on port" message is gated with logic to prevent it from
being printed more than once per host. There's technically nothing
preventing it from mentioning which target port it is referring to, but
doing so could possibly be confusing, since Nmap may give up on more than
one port for the same reason, but only one message would be printed.

Note that this is due to hitting the hard cap on retransmissions (default
10), though Nmap may give up on a port earlier than this if the link seems
to be generally reliable.

Dan

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/