iXsecurity.patch.nmap_statistics.1

From: ian.vitek (ian.vitek@ixsecurity.com)
Date: 12/18/01 

Date: Tue, 18 Dec 2001  9:00 -0500
From: "ian.vitek" <ian.vitek@ixsecurity.com>
To: "Abdur Raqib" <abdur@edunet.tc.columbia.edu>, "nmap-hackers" <nmap-hackers@insecure.org>, "pen-test" <pen-test@securityfocus.com>, araqib@catskill.net

 -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

iXsecurity Patch
nmap hack to get timing statistics
==================================

Tool Description
 - - ------------
This patch is intended for the nmap-2.54BETA30.
The patch will add a -c switch.
The -c switch will add two rows of statistics when running nmap.

Screen shot
 - - -------
root@host:/tmp# nmap -sS -v -c -p 1- 10.1.1.1

Starting nmap V. 2.54BETA30IX ( www.insecure.org/nmap/ )
Host (10.1.1.1) appears to be up ... good.
Initiating SYN Stealth Scan against (10.1.1.1)
Adding open port 427/tcp
Tried: 11835 (0 resends)
P/S: 2958.75 ETS: 18

 - - -------
Legend:
Tried is ports tried
Resends is number of resends (usually firewalled ports)
P/S is ports per second
ETS is estimated time of scan (+-2 seconds if MANY resends)

Background
 - - ------
When performing pen-tests you realy want to know how long time
the scan will take. You also want to know how the timing options
will affect the time of the scan.

Additional information
 - - ------------------
nmap:
http://www.insecure.org/nmap/index.html

 - - ------------------------------------------------

Ian Vitek, mailto:ian.vitek@ixsecurity.com

 - - ------------------------------------------------

 -----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1

iQA/AwUBPB9LuY118uy6FU2iEQIJ9ACgo99yDYzLxHYh3bq/Y4eB+YJ/kncAoN0x
QwqnhFaVnw9JayRiwp3HiQ3I
=gydS
 -----END PGP SIGNATURE-----

(See attached file: nmap-2.54BETA30-statistic.diff)

 --------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help@insecure.org . List run by ezmlm-idx (www.ezmlm.org).

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Relevant Pages

  • iXsecurity.patch.nmap_statistics.1
    ... This patch is intended for the nmap-2.54BETA30. ... The -c switch will add two rows of statistics when running nmap. ... Resends is number of resends ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: faster scans? (nmap)
    ... avoid doing extended port scans of hosts you already know to be there. ... Ping broadcast and network addresses (NMAP). ... If you get a positive response (i.e. ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: How to aggregate output of NMAP
    ... check out ndiff (Nmap diff). ... I recommend the XML output mode for more ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Auditing boxes with predictable IP Sqeuence(s)
    ... > exotic router, ... Then again, since NMAP can't gather good hard data from the boxes as it doesn't find open TCP ports, it reports a different level of TCP sequence number randomness than that actually encountered in real life TCP connections. ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • [Full-Disclosure] How to massively remove DCOM RPC Worms
    ... I used the oc192-dcom proof of concept code from securityfocus too. ... On XP machine the reboot is automatic when you kill the exploit (I did not ... after the reboot, the ms.bat script is launched, it cleans the box ... Again, on XP, installing the patch generate XP reboots automatically. ...
    (Full-Disclosure)