Penetration Testing mailing list archives
Re: faster scans? (nmap)
From: "Michael Starr" <mstarr () ampeisch com>
Date: Mon, 3 Jun 2002 11:26:19 -0400
If all you're looking for is which hosts are up, you could try using hping instead of nmap to do the initial scan -- then you could scan only hosts that you know are there with Nmap. I believe that hping (haven't used it for a while, so check me on this) has an option to use protocols other than ICMP, so it can detect hosts that drop echo-request packets. I've used hping in conjunction with nmap with pretty fair success.

The other thing that I've done from time to time is write Perl code, or batch scripts that will cycle through the IP ranges as an array, hash, or read directly from a file -- using Perl's system() function works pretty well with this. It might or might not make things faster, but at least you don't have to manually run the scans, and you can do something else while they're running, and increase efficiency if not speed.

Hope it helps,
M.

On 1 Jun 2002 at 14:36, wirepair wrote:

> lo all. I'm sure most of you at some point in time need to scan class C after class C for hosts responding (most likely using nmap). Here's the issue: multiple class C's, must scan every IP with the -P0 option. Doing some testing with various flags to decrease the timing and still have the results be reliable. 1-1000 ports takes about 1293 seconds... x 65.5 x 254 == hella long time. I'm doing vanilla TCP connect scans (SYNs aren't reliable in this case), so I was wondering if any of you have any tips on speeding up the process and not losing reliability. Here's the actual syntax: nmap -sT -v -n -P0 -p 1- ip.ip.ip.ip-ip. I've tried setting the amount of sockets to use to 100 and that increased it from 1293 to 588 seconds. Still, there's gotta be a better way. The reason they take this long is because there is no host at the IPs I'm trying to scan, but still this is discovery and every IP needs to be scanned. Maybe changing timeouts in /proc/sys?
>
> I'm running out of ideas; any suggestions would be helpful (there really isn't much out there in the way of increasing timing on scans). Hell, maybe I should be using a different scanner?
>
> Thanks,
> wire
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/

"Even if a samurai's head were to be suddenly cut off, he should still be able to perform one more action with certainty. If one becomes like a revengeful ghost and shows great determination, though his head is cut off, he should not die." -- Hagakure
Current thread:
- faster scans? (nmap) wirepair (Jun 03)
- Re: faster scans? (nmap) Matt Selsky (Jun 03)
- RE: faster scans? (nmap) Ozan Gonenc (Jun 03)
- Re: faster scans? (nmap) wirepair (Jun 03)
- Re: faster scans? (nmap) Andreas Junestam (Jun 04)
- Re: faster scans? (nmap) Gregory Duchemin (Jun 04)
- Re: faster scans? (nmap) wirepair (Jun 03)
- Re: faster scans? (nmap) Michael Starr (Jun 03)
- How to portscan a Class B effectively RT (Jun 03)
- Re: How to portscan a Class B effectively batz (Jun 03)
- Re: faster scans? (nmap) Yann Berthier (Jun 03)
- How to portscan a Class B effectively RT (Jun 03)
- Re: faster scans? (nmap) Anders Thulin (Jun 04)
- <Possible follow-ups>
- Re: faster scans? (nmap) miguel . dilaj (Jun 03)
- RE: faster scans? (nmap) Steve Maks (Jun 03)
- Re: faster scans? (nmap) Yann Berthier (Jun 03)
- RE: faster scans? (nmap) JLETOUX (Jun 04)
- Re: faster scans? (nmap) Gregory Duchemin (Jun 04)