Penetration Testing mailing list archives

RE: fast nmap scan of XP boxes?


From: "Chris Chandler" <chandlerchrisc () adelphia net>
Date: Sat, 13 Aug 2005 05:37:00 -0400

Usually when I am doing multiple systems, I add the switch -max_rtt_timeout
100 and it speeds things up rather nicely. For super fast, you can use 50.

-----Original Message-----
From: Michael Weber [mailto:mweber () alliednational com] 
Sent: Friday, August 12, 2005 1:58 PM
To: pen-test () securityfocus com
Subject: fast nmap scan of XP boxes?

Greetings!

I am using nmap to create a list of targets that I will then use other
tools to test.  My problem is how can I do a fast scan of a large (class
B) network of systems running XP, most with firewalling turned on?  Will
nmap -sP still find the systems if ping does not?

What I am trying now is a tcp connect scan to the M$ ports.  It seems
to find all the systems, but it takes a VERY long time.

Thanx!

-Michael

