Nmap Development mailing list archives
Re: Performance Improvement Request - Stop a host currently being scanned through runtime interaction
From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 27 Apr 2017 22:57:29 -0500
Sam, Thanks for the suggestion. We have considered various interactive options for affecting scan time, but nothing has gained traction. As a general suggestion, if you find this happening frequently, identify what part of the scan is actually taking up the time. If it's NSE scripts, add --script-timeout to your scans to prevent any particular script from taking too much time. This is pretty safe, since you would only lose the output of the specific scripts that go over-time. Alternatively, you can add --host-timeout to set a time limit on scanning any particular host, but then you will lose all results from that host when the timeout expires. Other timing options like --max-retries, --max-rtt-timeout, --defeat-rst-ratelimit, and others are discussed in the man page [1]. Adding IPs during a scan is not likely to be added as a feature. There are too many things that would have to change about the scan queue, the output, etc. to make it worthwhile, given that the addresses could as easily be scanned in a separate command. Dan [1] https://nmap.org/book/man-performance.html On Tue, Apr 25, 2017 at 9:32 PM, Sam Hamid <samhamid () live com> wrote:
Request: Is it possible to add a feature to allow users to stop\skip, or maybe even add, a specific host after a scan is initiated? For example: Similar to pressing d or v to increase the debugging or verbosity levels while a scan is running, maybe pressing a key (s for example) followed by an IP address to stop scanning that specified IP address and a key (a for example) followed by an IP address to add that IP to the list of hosts to scan. The reason I ask this is because I ran into a situation where I scanned a /24 subnet and all hosts completed fairly quickly but 1 host took almost as long as all the other hosts combined. I didn't want to stop the scan so that I don't lose my progress. Having an option like this could have saved me some time and I think it could be valuable to others. Thanks, Sam. _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Performance Improvement Request - Stop a host currently being scanned through runtime interaction Sam Hamid (Apr 27)
- Re: Performance Improvement Request - Stop a host currently being scanned through runtime interaction Daniel Miller (Apr 27)