Frequently Asked Questions

Tib3rius edited this page Jun 10, 2022 · 4 revisions

The following page is here to answer some frequently asked questions about AutoRecon.

AutoRecon never finishes, it just hangs or says there is 1 task remaining over and over, why?

It is entirely possible that one command (usually a full TCP Nmap scan or a directory busting scan) is taking longer than anticipated. This is usually out of AutoRecon's control. However, you can use tools like htop/top/ps to find the scan command and then manually kill it using regular Linux commands like kill/pkill. AutoRecon will notice that the process has been killed and will move on to the next scan or exit completely.

Why do the initial port scans take so much time?

The port scans are performed using Nmap, which tries to be "safe" when scanning by not flooding the network with large amounts of packets. There is always a trade-off between speed and accuracy when it comes to port scanning, and this does mean that, by default, Nmap can be slow. AutoRecon runs Nmap with -T4, the second highest "timing template" available, which should increase the speed, but it doesn't go beyond that.

Luckily, one of the core principles of AutoRecon v2 is that users should be able to easily configure commands to their liking. As a result, there is an --nmap-append command line option, which allows the user to pass extra arguments to every Nmap command. For example, you could run AutoRecon with --nmap-append="-T5" to use the fastest timing template, or even set --nmap-append="--min-rate=5000 --min-parallelism=5000", which tells Nmap to send at least 5000 packets per second and scan 5000 ports concurrently.

Why did AutoRecon miss <insert port/service here>?

The short answer: it didn't.

The long answer: AutoRecon doesn't do any port scanning itself; it relies on other programs like Nmap. So it was Nmap that missed the port/service. Why did that happen? Well, there could be multiple reasons. Maybe the network got flooded with packets and responses didn't get returned, maybe the port/service wasn't up when it was scanned, etc.

You should not rely on just one tool for enumeration either. If you have time, run multiple Nmap scans. If you find ports that AutoRecon didn't, you can always re-run AutoRecon with the -p command line option and a comma-separated list of ports for it to scan.
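
One way to work out which ports to pass to -p after running extra Nmap scans, as an added example that is not part of AutoRecon or this wiki: the Python below compares the open TCP ports in several scans and builds the comma-separated list. It assumes the scans are in Nmap's normal text output and covers TCP only; the function names are hypothetical and the sample output is constructed.

```python
import re

# A port line in Nmap's normal (terminal / -oN) output looks like:
#   "8080/tcp open  http-proxy"
# Only TCP lines are matched here (assumption made to keep the example small).
PORT_LINE = re.compile(r"^(\d+)/tcp\s+(\S+)")


def open_ports(nmap_output):
    """Return the set of TCP ports whose state is exactly 'open'."""
    found = set()
    for line in nmap_output.splitlines():
        match = PORT_LINE.match(line.strip())
        # 'closed', 'filtered' and 'open|filtered' are deliberately skipped.
        if match and match.group(2) == "open":
            found.add(int(match.group(1)))
    return found


def missed_ports(first_scan, *later_scans):
    """Ports open in any later scan but not open in the first scan."""
    later = set()
    for scan in later_scans:
        later |= open_ports(scan)
    return sorted(later - open_ports(first_scan))


def port_list(ports):
    """Format ports as the comma-separated list the -p option expects."""
    return ",".join(str(port) for port in ports)


# Constructed sample output: the first scan stands in for the one AutoRecon
# ran, the other two for manual re-scans of the same host.
FIRST_SCAN = """PORT     STATE    SERVICE
22/tcp   open     ssh
80/tcp   open     http
8080/tcp filtered http-proxy"""

RESCAN_A = """PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
8080/tcp open   http-proxy
3306/tcp closed mysql"""

RESCAN_B = """PORT     STATE SERVICE
22/tcp   open  ssh
5985/tcp open  wsman"""

if __name__ == "__main__":
    print(port_list(missed_ports(FIRST_SCAN, RESCAN_A, RESCAN_B)))
```

A port that shows as filtered in one scan and open in another, like 8080 in the sample, is the kind of difference the answer above attributes to dropped responses or a service that was not up yet.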