If you turn off dependencies in the plugin selection screen, you can turn off pings and get a valid scan. The problem is, NMAP goes nuts when it doesn't get any reply traffic, and begins to send huge numbers of repeat SYNs while waiting longer for replies. When scanning firewalled hosts, especially large address ranges, you need to use manual timing parameters for nmap. (max/min/initial rtt_timeout) Ping something you can get to, (TCP or ICMP) and develop a baseline of how fast the target network should respond. If you're on a fast Internet connection, this shouldn't exceed 100ms. If it doesn't, you can set your max_rtt timeout to 300ms and scan about 10,000 ports/hour. The minimum should be 100ms. The initial almost doesn't matter, but just set it to 200ms.
At 09:44 AM 5/9/2002 -0700, twig les wrote: >Poke a temporary hole in the firewall allowing echo >request from your address and echo reply to your >address? Being very explicit is a pain in the arse >but doing that and taking the hole out within an hour >should work without being too bad. > > >--- "Wigg, Guy G" <[EMAIL PROTECTED]> wrote: > > Hi, I have a number of hosts located behind a > > firewall that I need to scan. > > These hosts vary from email servers, to web servers > > to SSL servers and other > > types, without a common TCP port open. Initially > > with the TCP ping enabled > > only the non-SSL servers were scanned, the rest > > appeared dead in the report. > > I therefore disabled both the TCP/ICMP ping options > > (we don't allow ICMP > > through the Firewall) under preferences, hoping that > > it would scan the host > > regardless of what ports were open. Unfortunately I > > now get a report that > > indicates all hosts are dead. Anyone have any ideas? > > I am using Nessus > > 1.2.0. > > > > thanks > > Guy > > > > ----- > > Guy Wigg > > Standard Bank Information Security Analyst > > email: [EMAIL PROTECTED] > > Tel: +27-11-636 0795 > > Cell/mobile: +27-82 824 7094 > > Fax: +27-11-631 8156 > > > > > > > > ______________________________________________ > > > > Disclaimer and confidentiality note > > > > Everything in this e-mail and any attachments > > relating to the official business of Standard Bank > > Investment Corporation (Stanbic) > > is proprietary to the company. It is confidential, > > legally privileged and protected by law.\ > > Stanbic does not own and endorse any other content. > > Views and opinions are those of the sender unless > > clearly stated as being that of Stanbic. > > > > The person addressed in the e-mail is the sole > > authorised recipient. > > Please notify the sender immediately if it has > > unintentionally reached you and do not read, > > disclose or use the content in any way. > > > > Stanbic can not assure that the integrity of this > > communication has been maintained > > nor that it is free of errors, virus, interception > > or interference. > > > > > > ______________________________________________ > > > > >===== >----------------------------------------------------------- >Only failures don't include failing in their plans >----------------------------------------------------------- > >__________________________________________________ >Do You Yahoo!? >Yahoo! Shopping - Mother's Day is May 12th! >http://shopping.yahoo.com
