Hello, I've noticed that nmap is rather slow when scanning with -sS in contrast to -sT and also to -sS in Linux. With a clean 5.2 install and pf disabled, running a scan of this type takes 329.10s while for the same host but with instead -sT is 0.46s!
I did some debugging and found that the "overall sending rates" in the -sS are much lower than in -sT, 3.39 packets/s versus 3283.79 packets/s. This rate is automatically adjusted by nmap itself although I can specify "--min-rate" which I've noticed that helps the -sS scan. Here's some output from the debugging with just two ports: ### -sS Scan # sudo nmap -n -d --packet-trace -sS 192.168.1.1 | egrep -C1 "(rates|scanned)" Completed ARP Ping Scan at 18:47, 0.21s elapsed (1 total hosts) Overall sending rates: 9.49 packets / s, 398.75 bytes / s. Initiating SYN Stealth Scan at 18:47 -- Completed SYN Stealth Scan at 18:53, 326.76s elapsed (1000 total ports) Overall sending rates: 3.39 packets / s, 149.33 bytes / s. Nmap scan report for 192.168.1.1 -- Read from /usr/local/share/nmap: nmap-mac-prefixes nmap-payloads nmap-services. Nmap done: 1 IP address (1 host up) scanned in 327.10 seconds Raw packets sent: 1111 (48.852KB) | Rcvd: 1109 (44.384KB) ### -sT Scan # sudo nmap -n -d --packet-trace -sT 192.168.1.1 | egrep -C1 "(rates|scanned)" Completed ARP Ping Scan at 18:47, 0.20s elapsed (1 total hosts) Overall sending rates: 9.74 packets / s, 409.24 bytes / s. Initiating Connect Scan at 18:47 -- Completed Connect Scan at 18:47, 0.30s elapsed (1000 total ports) Overall sending rates: 3283.79 packets / s. Nmap scan report for 192.168.1.1 -- Read from /usr/local/share/nmap: nmap-mac-prefixes nmap-payloads nmap-services. Nmap done: 1 IP address (1 host up) scanned in 0.64 seconds Raw packets sent: 2 (56B) | Rcvd: 1 (28B) Any feedback is welcome. Thanks. cheers, --rodolfo