Nmap Development mailing list archives
Re: Nmap 4.21ALPHA4 DNS resolve timeout
From: Henrik Zagerholm <henke () mac se>
Date: Tue, 26 Jun 2007 15:57:45 +0200
On 26 Jun 2007, at 13:14, Eddie Bell wrote:
> On 26/06/07, Henrik Zagerholm <henke () mac se> wrote:
> > Sorry for being unclear but the output from my ruby script example is regexped so it doesn't return the same input. The bottom line is that my script is almost 10 times faster than a single nmap call. How can that be?
>
> Ah sorry, I misread your email, you do -sP both times. The results are strange, perhaps it is something to do with being on a private network. Have you tried the same thing on a public network?
>
> > Question number 2 is that if I do nmap -sL 10.0.0.5 and that IP doesn't have an entry in the DNS that call takes about 15 seconds. How can I set a timeout on this?
>
> The DNS timeouts do not look like they are related to any command line argument, instead they are defined in nmap_dns.c along with a group of other performance parameters. If you are desperate to improve the speed you could edit these values but you may sacrifice reliability.
>
> - eddie
Hi Eddie,

I've looked at the code and the performance parameters. I also found a hardcoded max timeout of 500ms.

    if (min_timeout > 500) return 500;
    else return min_timeout;

Attached below you will see an output from me running a query against a single server with an IP address that is not resolvable.

What I wonder is:

1. What parameter controls number of nsock_loop() calls?
2. It looks like it does this in 3 blocks. First 7 calls to nsock_loop() then

Write request for 44 bytes to IOD #1 EID 35 [10.170.0.40:53]: .............206.26.170.10.in-addr.arpa.....

Then 7 more calls to nsock_loop() then

Write request for 44 bytes to IOD #1 EID 35 [10.170.0.40:53]: .............206.26.170.10.in-addr.arpa.....

And finally 10 calls to nsock_loop().

Is this true or does it just look like it does it in 3 blocks? If it is 3 blocks how can I change this?

Thanks!
//Henrik

henke@safecube:~$ nmap -sP 10.170.26.206 -d3 --dns-servers 10.170.0.40

Starting Nmap 4.20 ( http://insecure.org ) at 2007-06-26 15:26 CEST
Fetchfile found /usr/local/share/nmap/nmap-services
The max # of sockets we are using is: 0
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  msx-scan-delay: TCP 1000, UDP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
---------------------------------------------
doing 0.0.0.0 = 10.170.26.206
Packet capture filter (device eth0): (icmp and dst host 10.170.4.217) or ((tcp or udp) and dst host 10.170.4.217 and ( dst port 36838 or dst port 36839 or dst port 36840 or dst port 36841 or dst port 36842))
SENT (0.0240s) ICMP 10.170.4.217 > 10.170.26.206 Echo request (type=8/code=0) ttl=45 id=19496 iplen=28
SENT (0.0240s) TCP 10.170.4.217:36838 > 10.170.26.206:80 A ttl=48 id=12679 iplen=40 seq=2393512030 win=1024 ack=3014269022
RCVD (0.0600s) ICMP 10.170.26.206 > 10.170.4.217 Echo reply (type=0/code=0) ttl=125 id=6318 iplen=28
We got a ping packet back from 10.170.26.206: id = 39020 seq = 43105 checksum = 48945
Hostupdate called for machine 10.170.26.206 state UNKNOWN/COMBO -> HOST_UP (trynum 0, dotimeadj: yes time: 36098)
Finished block: srtt: 35907 rttvar: 35907 timeout: 179535 block_tries: 1 up_this_block: 1 down_this_block: 0 group_sz: 1
massping done: num_hosts: 1 num_responses: 1
mass_rdns: Using DNS server 10.170.0.40
NSOCK (0.2160s) UDP connection requested to 10.170.0.40:53 (IOD #1) EID 8
NSOCK (0.2160s) Read request from IOD #1 [10.170.0.40:53] (timeout: -1ms) EID 18
Initiating Parallel DNS resolution of 1 host. at 15:26
NSOCK (0.2160s) Write request for 44 bytes to IOD #1 EID 27 [10.170.0.40:53]: .............206.26.170.10.in-addr.arpa.....
NSOCK (0.2160s) nsock_loop() started (timeout=500ms). 3 events pending
NSOCK (0.2160s) Callback: CONNECT SUCCESS for EID 8 [10.170.0.40:53]
NSOCK (0.2160s) Callback: WRITE SUCCESS for EID 27 [10.170.0.40:53]
NSOCK (0.7200s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (1.2190s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (1.7200s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (2.2190s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (2.7200s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (3.2190s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (3.7200s) nsock_loop() started (timeout=496ms). 1 events pending
NSOCK (4.2150s) Write request for 44 bytes to IOD #1 EID 35 [10.170.0.40:53]: .............206.26.170.10.in-addr.arpa.....
NSOCK (4.2150s) nsock_loop() started (timeout=500ms). 2 events pending
NSOCK (4.2150s) Callback: WRITE SUCCESS for EID 35 [10.170.0.40:53]
NSOCK (4.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (5.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (5.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (6.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (6.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (7.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (7.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (7.9680s) Callback: READ SUCCESS for EID 18 [10.170.0.40:53] (44 bytes): .............206.26.170.10.in-addr.arpa.....
NSOCK (7.9680s) Read request from IOD #1 [10.170.0.40:53] (timeout: -1ms) EID 42
NSOCK (7.9680s) Write request for 44 bytes to IOD #1 EID 51 [10.170.0.40:53]: .............206.26.170.10.in-addr.arpa.....
NSOCK (7.9680s) Callback: WRITE SUCCESS for EID 51 [10.170.0.40:53]
NSOCK (8.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (8.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (9.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (9.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (10.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (10.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (11.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (11.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (12.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (12.7160s) nsock_loop() started (timeout=252ms). 1 events pending
mass_rdns: 12.75s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 1, TR: 3]
Completed Parallel DNS resolution of 1 host. at 15:26, 12.75s elapsed
DNS resolution of 1 IPs took 12.75s. Mode: Async [#: 1, OK: 0, NX: 0, DR: 1, SF: 1, TR: 3, CN: 0]
Host 10.170.26.206 appears to be up.
Nmap finished: 1 IP address (1 host up) scanned in 12.968 seconds
               Raw packets sent: 2 (68B) | Rcvd: 1 (46B)
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
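An added example, not part of the original message and not Nmap code: a small Python parser for the NSOCK debug lines posted above. It groups nsock_loop() calls under the preceding DNS write request, measures the interval between writes, and reads the TR field of the mass_rdns summary so the two can be compared. The excerpt is trimmed from the posted output, and the function and field names (analyze, on_reply, gap) are this example's own.

```python
import re

# Excerpt of the -d3 output posted above; most repeated nsock_loop() lines are
# trimmed, so the loop counts are lower than in the full log.
LOG = """\
NSOCK (0.2160s) Write request for 44 bytes to IOD #1 EID 27 [10.170.0.40:53]: ...
NSOCK (0.2160s) nsock_loop() started (timeout=500ms). 3 events pending
NSOCK (0.7200s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (3.7200s) nsock_loop() started (timeout=496ms). 1 events pending
NSOCK (4.2150s) Write request for 44 bytes to IOD #1 EID 35 [10.170.0.40:53]: ...
NSOCK (4.2150s) nsock_loop() started (timeout=500ms). 2 events pending
NSOCK (7.7160s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (7.9680s) Callback: READ SUCCESS for EID 18 [10.170.0.40:53] (44 bytes): ...
NSOCK (7.9680s) Write request for 44 bytes to IOD #1 EID 51 [10.170.0.40:53]: ...
NSOCK (8.2150s) nsock_loop() started (timeout=500ms). 1 events pending
NSOCK (12.7160s) nsock_loop() started (timeout=252ms). 1 events pending
mass_rdns: 12.75s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 1, TR: 3]
"""

WRITE = re.compile(r"NSOCK \((\d+\.\d+)s\) Write request for \d+ bytes to IOD #\d+ EID (\d+)")
LOOP = re.compile(r"NSOCK \(\d+\.\d+s\) nsock_loop\(\) started")
READ = re.compile(r"NSOCK \((\d+\.\d+)s\) Callback: READ SUCCESS")
STATS = re.compile(r"mass_rdns: (\d+\.\d+)s \S+ \[(.*?)\]")

def analyze(log):
    blocks, reads, stats, end = [], set(), {}, None
    for line in log.splitlines():
        if m := READ.search(line):
            reads.add(float(m[1]))
        elif m := WRITE.search(line):
            t = float(m[1])
            # on_reply: the write shares a timestamp with a READ SUCCESS callback
            blocks.append({"eid": int(m[2]), "sent": t, "loops": 0,
                           "on_reply": t in reads})
        elif LOOP.search(line) and blocks:
            blocks[-1]["loops"] += 1  # loop call belongs to the latest write
        elif m := STATS.search(line):
            end = float(m[1])
            stats = {k.strip(): int(v) for k, v in
                     (f.split(":") for f in m[2].split(","))}
    # gap: seconds from each write to the next one, or to the end of resolution
    starts = [b["sent"] for b in blocks[1:]] + [end]
    for b, nxt in zip(blocks, starts):
        b["gap"] = None if nxt is None else round(nxt - b["sent"], 3)
    return blocks, stats

if __name__ == "__main__":
    for block in analyze(LOG)[0]:
        print(block)
```

On the posted timestamps the three write requests are about 4.0 s, 3.75 s and 4.78 s apart, and the third is issued at the same timestamp as the READ SUCCESS callback.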
Current thread:
- Nmap 4.21ALPHA4 DNS resolve timeout Henrik Zagerholm (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout Eddie Bell (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout Henrik Zagerholm (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout Eddie Bell (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout Henrik Zagerholm (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout Henrik Zagerholm (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout Henrik Zagerholm (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout Eddie Bell (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout doug (Jun 26)
- Re: Nmap 4.21ALPHA4 DNS resolve timeout Henrik Zagerholm (Jun 27)