I decided to try nmap again instead of the built-in Nessus SYN scan (which I think is the recommended scan for safety and the fact that Nessus lets you know it's progress). I asked for an nmap SYN+UDP+RPC scan with OS identification, ports 1-65535 and Aggressive timing (-T4). I was surprised to find the nmap only took 90 seconds!
I've since tried this (nmap 3.50 with "-A -sUR -T4 -p1-65535 -oA filename") against the following hosts with these results: HP-UX 11.11: 90 & 310 seconds (seconds with -vvv) Redhat 9: 35 minutes and counting (I expect this to take the normal 8-12 hours or so for UDP) Solaris 8: 25 minutes and counting Win2k: 139 seconds I'm guessing this has to do with the non-RFC-compliant UDP implementation on HP-UX and Windows systems? Are there any other known OSes that allow for fast UDP scans so I can use this somewhat more accurate nmap scan for know systems? Thanks, Owen Crow Systems Programmer (Unix) BMC Software, Inc. _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
