robertdavidgraham / masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
GNU Affero General Public License v3.0

Problem with scan results (same scan, different results) #125

Closed ghost closed 9 years ago

ghost commented 9 years ago

Hello Robert,

I've been using this great piece of software and I already found some routers with default password (login windows showing the default password!) and video cameras (webpanels) with open access.

But I'm having some doubts about the --randomize-hosts option.

Mainly because, doing the same scan (bin/masscan 107.81.17.0-107.81.17.255 -p22,25,80 --rate 100000, this is not the real scan), I'm getting different results each time: different ports found per host, different hosts resulting.

The scan subnet is mine (around 8192 IPs, low amount used), I know how many hosts have 80 ports open, but when scanning I only get 5 or 6, and each time they change.

Is this supposed to work like this? If so, how can I get all the results? If I 'override' the default --randomize-host would I get the expected result? (all ports, all hosts)

Thanks.

ghost commented 9 years ago

I guess it's related to the quality/capacity of the router you're using to send the packages. While using a home internet connection the results were very poor, but using a dedicated Internet service with 100 MB/s link I did have quite better outcomes. It would be interesting to know how much the efficiency decreases while increasing the amount of packages. Because, even with a good router/internet, there's a trade-off between #packages and #foundhosts/ports.
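One way to measure the run-to-run variation described in this thread, as an added example that is not part of the original comments or of masscan itself: it parses several runs saved in masscan's list format (`-oL`), builds the union of everything seen, and reports how much of that union each single run found. The run names and the addresses (documentation range 192.0.2.0/24) are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data: three runs of the same scan of your own subnet,
# in masscan list format (-oL): "<status> <proto> <port> <ip> <timestamp>".
RUNS = {
    "run1": "#masscan\nopen tcp 80 192.0.2.10 1700000001\n"
            "open tcp 22 192.0.2.10 1700000001\n"
            "open tcp 80 192.0.2.44 1700000002\n# end\n",
    "run2": "#masscan\nopen tcp 80 192.0.2.10 1700000101\n"
            "open tcp 25 192.0.2.77 1700000101\n"
            "open tcp 80 192.0.2.44 1700000102\n# end\n",
    "run3": "#masscan\nopen tcp 80 192.0.2.10 1700000201\n"
            "open tcp 25 192.0.2.77 1700000201\n"
            "open tcp 22 192.0.2.10 1700000202\n"
            "open tcp 80 192.0.2.90 1700000202\n# end\n",
}

def parse_list_output(text):
    """Return the set of (ip, proto, port) reported open in one -oL file."""
    found = set()
    for line in text.splitlines():
        fields = line.split()
        # Skip comment lines ("#masscan", "# end"), blanks and non-open states.
        if len(fields) < 4 or fields[0] != "open" or not fields[2].isdigit():
            continue
        found.add((fields[3], fields[1], int(fields[2])))
    return found

def compare_runs(runs):
    """Return (union, per-run coverage of the union, services missed by some run)."""
    parsed = {name: parse_list_output(text) for name, text in runs.items()}
    union = set().union(*parsed.values()) if parsed else set()
    seen_in = defaultdict(set)
    for name, found in parsed.items():
        for service in found:
            seen_in[service].add(name)
    # Coverage is relative to the union, which is itself only a lower bound
    # on what is really open: a service missed by every run stays invisible.
    coverage = {n: (len(f) / len(union) if union else 0.0) for n, f in parsed.items()}
    flaky = sorted(s for s, names in seen_in.items() if len(names) < len(parsed))
    return union, coverage, flaky

if __name__ == "__main__":
    union, coverage, flaky = compare_runs(RUNS)
    print(f"{len(union)} distinct open services across {len(RUNS)} runs")
    for name, share in sorted(coverage.items()):
        print(f"  {name}: {share:.0%} of the union")
    for ip, proto, port in flaky:
        print(f"  missed by at least one run: {ip} {proto}/{port}")
```

Per-run coverage well below 100% on a network that did not change between runs means that single runs at that rate are missing services.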