We are now completely able to scan many different types of hosts, and overcome a plethora of methods that system administrators and network engineers use to defend or mask their machines. Excellent! At this juncture, we will begin to look at some of the broader strokes that Nmap can address: specifically, the difficulty we may encounter if we attempt to scan large swaths of IP addresses that may create performance disruptions.
Unfortunately, using advanced Nmap options, which we learned about in the last chapter, can make scans take significantly longer time than we may have. Performance optimization techniques are some of the least used but most useful Nmap flags, so it's worth it to learn them well—and to employ them when needed.
In this chapter, we will cover:
Basic Nmap timing optimization
Customized host group sizes
How to increase or decrease Nmap's parallelism
How to deal with stuck hosts
How to delay (or increase the rate of) individual packets