as a note to self (and anyone who reads the blog)
"The host discovery (ping probe) defaults have been enhanced to include twice as many probes. The default is now "-PE -PS443 -PA80 -PP". In exhaustive testing of 90 different probes, this emerged as the best four-probe combination, finding 14% more Internet hosts than the previous default, "-PE -PA80". The default for non-root users is -PS80,443, replacing the previous default of -PS80. In addition, ping probes are now sent in order of effectiveness (-PE first) so that less effective probes may not have to be sent. ARP ping is still the default on local ethernet networks."
The non-sudo/root versions of the -sP should be noted, it could be enough traffic/ports per second to have some firewalls throw a SYN flood alert if you were to scan several hosts (like a Class C).
wireshark captures:
No comments:
Post a Comment