Nmap Development mailing list archives

Re: Performance Improvement Request - Stop a host currently being scanned through runtime interaction


From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 27 Apr 2017 22:57:29 -0500

Sam,

Thanks for the suggestion. We have considered various interactive options
for affecting scan time, but nothing has gained traction. As a general
suggestion, if you find this happening frequently, identify what part of
the scan is actually taking up the time. If it's NSE scripts, add
--script-timeout to your scans to prevent any particular script from taking
too much time. This is pretty safe, since you would only lose the output of
the specific scripts that go over-time. Alternatively, you can add
--host-timeout to set a time limit on scanning any particular host, but
then you will lose all results from that host when the timeout expires.
Other timing options like --max-retries, --max-rtt-timeout,
--defeat-rst-ratelimit, and others are discussed in the man page [1].

Adding IPs during a scan is not likely to be added as a feature. There are
too many things that would have to change about the scan queue, the output,
etc. to make it worthwhile, given that the addresses could as easily be
scanned in a separate command.

Dan

[1] https://nmap.org/book/man-performance.html

On Tue, Apr 25, 2017 at 9:32 PM, Sam Hamid <samhamid () live com> wrote:

Request:
Is it possible to add a feature to allow users to stop\skip, or maybe even
add, a specific host after a scan is initiated?

For example: Similar to pressing d or v to increase the debugging or
verbosity levels while a scan is running, maybe pressing a key (s for
example) followed by an IP address to stop scanning that specified IP
address and a key (a for example) followed by an IP address to add that
IP to the list of hosts to scan.

The reason I ask this is because I ran into a situation where I scanned a
/24 subnet and all hosts completed fairly quickly but 1 host took almost as
long as all the other hosts combined. I didn't want to stop the scan so
that I don't lose my progress. Having an option like this could have saved
me some time and I think it could be valuable to others.

Thanks,
Sam.

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
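
An added example, not part of either message or of Nmap itself: one way to identify which hosts consumed the scan time, as the reply suggests, by ranking hosts from `-oX` XML output by elapsed time and marking those cut off by --host-timeout. It relies on the `starttime`, `endtime` and `timedout` attributes of the `<host>` element; the sample XML is constructed, and the `factor` threshold is an assumption.

```python
import xml.etree.ElementTree as ET
from statistics import median

# Constructed sample in the shape of `nmap -oX` output (not from a real scan).
SAMPLE_XML = """<nmaprun scanner="nmap" start="1493300000">
  <host starttime="1493300000" endtime="1493300012">
    <status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>
  </host>
  <host starttime="1493300000" endtime="1493300015">
    <status state="up"/><address addr="192.0.2.11" addrtype="ipv4"/>
  </host>
  <host starttime="1493300001" endtime="1493300010">
    <status state="up"/><address addr="192.0.2.12" addrtype="ipv4"/>
  </host>
  <host starttime="1493300001" endtime="1493300841">
    <status state="up"/><address addr="192.0.2.13" addrtype="ipv4"/>
  </host>
  <host starttime="1493300002" endtime="1493300302" timedout="true">
    <status state="up"/><address addr="192.0.2.14" addrtype="ipv4"/>
  </host>
</nmaprun>"""


def host_durations(xml_text):
    """Return [(addr, seconds, timed_out)] sorted slowest first."""
    rows = []
    for host in ET.fromstring(xml_text).iter("host"):
        start, end = host.get("starttime"), host.get("endtime")
        addr_el = host.find("address")
        if start is None or end is None or addr_el is None:
            continue  # hosts without timing attributes cannot be ranked
        rows.append((addr_el.get("addr"), int(end) - int(start),
                     host.get("timedout") == "true"))
    return sorted(rows, key=lambda r: r[1], reverse=True)


def slow_hosts(rows, factor=5):
    """Addresses that took more than `factor` times the median host duration."""
    if not rows:
        return []
    cutoff = factor * median(sec for _, sec, _ in rows)
    return [addr for addr, sec, _ in rows if sec > cutoff]


if __name__ == "__main__":
    for addr, sec, timed_out in host_durations(SAMPLE_XML):
        print(addr, f"{sec}s", "timedout" if timed_out else "")
    print("outliers:", slow_hosts(host_durations(SAMPLE_XML)))
```

Hosts flagged here are candidates for a tighter --host-timeout or --script-timeout on the next run, or for a separate scan command.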
