Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Nmap sometimes shows negative latencies #863

dmiller-nmap opened this issue Apr 22, 2017 · 3 comments


Copy link

commented Apr 22, 2017

Have seen multiple reports of this, but have no info about which systems are affected. Please provide observations including:

  1. Output of nmap --version
  2. Options used
  3. Is it repeatable?
  4. Network type (802.11n, gigabit Ethernet, 100Mbps Fast Ethernet, etc)
  5. Output with --packet-trace

Existing reports:


This comment has been minimized.

Copy link

commented Feb 15, 2018

  1. nmap --version :

Nmap version 7.40 ( )
Platform: x86_64-pc-linux-gnu
Compiled with: liblua-5.3.3 openssl-1.1.0c libpcre-8.39 libpcap-1.8.1 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

  1. Options used: nmap -sP --packet-trace

  2. This is reproducible with high probability on bare hardware; OS Linux 4.9.0-4-amd64 #1 SMP Debian 4.9.65-3 (2017-12-03) x86_64 GNU/Linux

  3. Network is fairly generic, e1000e: eth0 NIC Link is Up 100 Mbps Full Duplex, Flow Control: Rx/Tx

  4. Relevant portions of output, with altered IPs/MACs:

nmap -sP --packet-trace

Starting Nmap 7.40 ( ) at 2018-02-15 05:29 UTC
SENT (1.6851s) ARP who-has tell
SENT (1.7859s) ARP who-has tell
SENT (1.8860s) ARP who-has tell
RCVD (1.6859s) ARP reply is-at 40:40:40:40:40:40
RCVD (1.7866s) ARP reply is-at 40:40:40:40:40:40
Nmap scan report for
Host is up (-0.100s latency).
MAC Address: 40:40:40:40:40:40 (Unknown)
  1. Analysis: it seems like the ARP request is sent multiple times, and when performing latency calculation, the first response's and the last request's timestamps are used, which gives -0.1s.

This comment has been minimized.

Copy link

commented Feb 26, 2019

Hi, I wonder why there is no progress here.
I can see negative latency values on my network when issuing nmap -sn -T5 ... with both versions: 7.40 and 7.70SVN. Isn't @szakharchenko's analysis correct?


This comment has been minimized.

Copy link

commented Feb 26, 2019

@P4z : nobody seems to care:)

@nmap-bot nmap-bot closed this in f519e64 Mar 1, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
3 participants
You can’t perform that action at this time.