PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-23 07:59:03 +00:00
Code Issues Projects Releases Wiki Activity

Update the --min-rate documentation in the reference guide.

Browse Source
This commit is contained in:
david
2008-04-09 22:23:57 +00:00
parent 5ebce24446
commit ed4e96b4f7
1 changed files with 23 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
docs/refguide.xml
View File

@@ -2310,26 +2310,40 @@ threshold based intrusion detection and prevention systems (IDS/IPS).</para>
<para>Nmap's dynamic timing does a good job of finding an appropriate
speed at which to scan. Sometimes, however, you may happen to know an
appropriate speed for a network, or you may have to guarantee that a
scan will be finished by a certain time. When the
<option>--min-rate</option> is given Nmap will do its best to send
packets as fast or faster than the given rate. The argument is a
appropriate scanning rate for a network, or you may have to guarantee
that a scan will be finished by a certain time. When the
<option>--min-rate</option> option is given Nmap will do its best to
send packets as fast or faster than the given rate. The argument is a
positive real number representing a packet rate in packets per second.
For example, using <command>--min-rate 300</command> will ensure that
the packet sending rate doesn't fall below 300 packets per second.
Specifying a minimum rate does not keep Nmap from going faster if
conditions warrant.</para>
For example, specifying <command>--min-rate 300</command> means that
Nmap will try to keep the sending rate at or above 300 packets per
second. Specifying a minimum rate does not keep Nmap from going faster
if conditions warrant.</para>
<para>There are two conditions when the actual scanning rate may fall
below the specified minimum. The first is if the minimum is faster than
the fastest rate at which Nmap can send, which is dependent on hardware.
In this case Nmap will send packets as fast a possible, but be aware
In this case Nmap will send packets as fast as possible, but be aware
that such high rates are likely to cause a loss of accuracy. The second
case is when Nmap has nothing to send, for example at the end of a scan
when the last probes have been sent and Nmap is waiting for them to time
out or be responded to. It's normal to see the scanning rate drop at the
end of a scan or in between groups of hosts.</para>
<para>Specifying a minimum rate should be done with care. Scanning
faster than a network can support may lead to a loss of accuracy. In
some cases, using a faster rate can make a scan take
<emphasis>longer</emphasis> than it would with a slower rate. This is
because Nmap's adaptive
retransmission<indexterm><primary>adaptive retransmission</primary></indexterm>
will detect the network congestion caused by an excessive scanning rate
and increase the number of retransmissions in order to improve accuracy.
So even though packets are sent at a higher rate, more packets are sent
overall. Cap the number of retransmissions with the
<option>--max-retries</option>
option if you need to set an upper limit on total scan
time.</para>
<para>The <option>--min-rate</option> option is global, affecting an
entire scan, not individual hosts. It only affects port and host
discovery scans. Other features like OS detection implement their own