On Thu, 2003-05-29 at 21:35, Kurt Seifried wrote: > It sounds like your iSS/OS is patiently waiting for timeouts/etc, and if > this is the case then a scan could take a very long time, especially if the > target is configured to drop packets silently. Do you scan UDP ports on Solaris targets ? From the nmap manual : Unfortunately UDP scanning is sometimes painfully slow since most hosts implement a suggestion in RFC 1812 (section 4.3.2.8) of limiting the ICMP error message rate. For example, the Linux kernel (in net/ipv4/icmp.h) limits destination unreachable message generation to 80 per 4 seconds, with a 1/4 second penalty if that is exceeded. Solaris has much more strict limits (about 2 messages per sec ond) and thus takes even longer to scan. > Personally I'd use nmap/paketto Yes, paketto is really a good choice for ultra-fast scanning and/or heavily filtered hosts. -- Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information ngregoireat_private ------[ ExaProbe ]------ http://www.exaprobe.com/ PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Fri May 30 2003 - 07:59:41 PDT