From: Ozan Gonenc (ogonenc@adga.ca)
Date: Mon Jun 03 2002 - 11:21:30 EDT
wire,
You still have some more options to play with such as:
-T Aggressive
-T Insane
But again this all depends on the speeds of the network you are testing and
testing from. If they are very fast then you should still recover accurate
results in these modes.
There are also the timeout options and parallelism (see Nmap man page).
Selecting a higher number of ports with parallelism may actually decrease
scan speeds on fast networks but increase speeds on slower networks.
Nmap is probably your best bet. Spend a little more time playing with these
options on your test machines. Hope that helps a bit.
Ozan
-----Original Message-----
From: wirepair [mailto:wirepair@roguemail.net]
Sent: June 1, 2002 17:36
To: pen-test@securityfocus.com
Subject: faster scans? (nmap)
lo all.
I'm sure most of you at some point in time need to scan
class c after class c for hosts responding (most likely
using nmap). Here's the issue, multiple class C's, must
scan every ip with the -P0 option. Doing some testing with
various flags to decrease the timing and still have the
results be reliable. 1-1000 ports takes about 1293
seconds... x 65.5 x 254 == hella long time. I'm doing
vanilla tcp connect scans (Syns aren't reliable in this
case), so I was wondering if any of you have any tips on
speeding up the process and not loosing reliablity. Here's
the actual syntax nmap -sT -v -n -P0 -p 1- ip.ip.ip.ip-ip.
I've tried setting the amount of sockets to use to 100 and
that increased it from 1293 to 588seconds. Still there's
gotta be a better way. The reason they take this long is
because there is no host at the ips i'm trying to scan,
but still this is discovery and every ip needs to be
scanned. Maybe changing timeouts in /proc/sys ? I'm
running out of ideas any suggestions would be helpful
(there really isn't much out there in the way of
increasing timing on scans) Hell maybe i should be using a
different scanner? Thanks,
wire
_____________________________
For the best comics, toys, movies, and more,
please visit <http://www.tfaw.com/?qt=wmf>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:22 EDT