RE: NSE loop issue with filtered ports

["Thomas Buchanan" <TBuchanan () thecompassgrp net>]

> -----Original Message-----
> From: nmap-dev-bounces () insecure org 
> [mailto:nmap-dev-bounces () insecure org] On Behalf Of Brandon Enright
> Sent: Thursday, November 29, 2007 4:41 PM
> To: Thomas Buchanan
> Cc: nmap-dev () insecure org; bmenrigh () ucsd edu
> Subject: Re: NSE loop issue with filtered ports
>
>
> Almost certainly.  There was a file handle limitation (and 
> thrashing) issue
> to which Majek and David cooked up solutions that were both 
> applied.  A
> minimum number of parallel NSOCK handles was set to 10 so 
> that NSE could
> still get work done even when the max-parallelism was really low.
>
> Any script that tries to open up more than the 
> max-parallelism (at least
> more than 10) before using them will deadlock.
>
> I suppose there could be other issues too.  Can you provide 
> your script or
> at least describe what triggers the issue?
>
> Brandon
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
>
> iD8DBQFHTz/9qaGPzAsl94IRAvzpAJ4/LxB7lo8SToQH2Mj1rOrZrdzRlQCggfZq
> FSnowo5UK18XOJ9cjZTKrS4=
> =gWEw
> -----END PGP SIGNATURE-----

I've attached a test script that triggers the issue.  It attempts a
single connection to UDP port 1434 (MS SQL monitor), and reads any
reply.  Run against <= 10 hosts concurrently things are fine.  Run
against > 10 hosts, and nmap gets a little crazy.

The target port doesn't really matter, as long as the port is filtered,
not open or closed.  I chose this one for my test script because it was
convenient for me.

Thomas

Attachment: test.nse
Description: test.nse

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org