From: Fyodor (fyodor@insecure.org)
Date: Wed Dec 07 2005 - 05:19:42 EST
On Fri, Nov 11, 2005 at 08:15:46PM -0700, Tate Hansen wrote:
> When doing a 65k TCP port scan, the systems start off fast but quickly slow
> down. Each nmap became very memory hungry
I did some large scale tests recently that confirm your experience.
Nmap has gained many great new features in the last few years, but its
waistline has expanded too. Your example of scanning 65K ports x 100
hosts at a time x 8 Nmap processes running in parallel is a nasty test
case, but one Nmap should be able to handle. So I spent this last
weekend putting Nmap on a major diet. The result is Nmap 3.94ALPHA3,
which can reduce memory consumption by an order of magnitude or more
for certain large scans like yours. You can find it here:
http://download.insecure.org/nmap/dist/nmap-3.94ALPHA3.tgz
http://download.insecure.org/nmap/dist/nmap-3.94ALPHA3-win32.zip
http://download.insecure.org/nmap/dist/nmap-3.94ALPHA3-1.src.rpm
I am very interested in hearing how it works out for you.
Cheers,
Fyodor
http://www.insecure.org/
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:14 EDT