Nmap Development mailing list archives
Re: resuming scan
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 1 Jun 2016 09:43:09 -0500
Gary, Nmap scans targets in groups called "hostgroups" and writes output to a file when all of the hosts in one hostgroup have finished scanning. The size of a hostgroup depends on several factors including: * Duration of the scan (first hostgroup is usually smaller in order to give results sooner) * Number of total hosts scanned * Timing template (-T option) * Value of --max-hostgroup or --min-hostgroup option If you have a scan with lots of scan phases (like -A, which includes port scan, version scan, NSE script scan, OS detection, and traceroute), then it can take a while for a hostgroup to finish. You can get results sooner with a small --max-hostgroup value, but it can slow down the whole scan by using less parallelism. You can also set a --host-timeout value to simply drop results from hosts that are slowing you down. Dan On Fri, May 27, 2016 at 5:55 AM, Gary Madarm <gmadarm () gmail com> wrote:
The nmap man page says that I can resume a scan via the --resume flag. Based on the nmap book it looks like I need to point --resume to the -oN or -oG output. However, when running long scans those files are always mostly empty besides for containing the command I used to kick of the scan. Where does nmap store the partial results after terminating a scan in the middle? _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- resuming scan Gary Madarm (May 27)
- Re: resuming scan Daniel Miller (Jun 01)