Nmap Development mailing list archives
Re: [nmap-svn] r8541 - nmap
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 1 Jul 2008 00:44:49 +0000
On Mon, 30 Jun 2008 16:55:19 -0700 Kris Katterjohn <katterjohn () gmail com> committed:
Author: kris
Date: Mon Jun 30 16:55:19 2008
New Revision: 8541

Modified:
   nmap/idle_scan.cc
   nmap/osscan2.cc
   nmap/scan_engine.cc
   nmap/tcpip.cc
   nmap/tcpip.h
   nmap/traceroute.cc

Log:
Adding packet validity checking to readip_pcap() so the caller can assume the packet is OK from the get-go rather than running basic checks of its own.
...snip...
This seems to work great after doing what testing I could. It's been out on nmap-dev for a couple of weeks without any bad reports (none at all for that matter). I reviewed this patch again before committing and it looks good as well.
I actually tested this quite a bit but never got a chance to post my results. I scanned ~50k hosts on campus on all 64k ports. I also scanned all our IPs on about a dozen ports. I also randomly scanned 200M Internet hosts on a handful of ports before Time Warner threatened to turn me off.

The results:

* Nmap never crashed
* The only errors I triggered were packets with unknown/bad IP options
* I couldn't get any really bad packets back

It seems that most routers won't forward really screwed up IP packets, and since the local router constructs the data-link header, most problems can only show up on the local segment. I figure someone could set up a local host that deliberately screws up outgoing frames but overall, I think the patch looks good enough we don't need to do that kind of testing.

Brandon
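An added example, not part of the original message and not Nmap's readip_pcap() code: the kind of up-front validity check the commit log describes, applied to a captured IPv4 packet, including the option walk relevant to the bad-IP-option errors reported above. The function name, result codes and sample packets are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result codes: hypothetical names for this example, not Nmap's. */
enum ip_check { IP_OK, IP_TRUNCATED, IP_BAD_VERSION, IP_BAD_IHL,
                IP_BAD_TOTLEN, IP_BAD_OPTION };

/* buf points at the IPv4 header, caplen is the bytes captured; checksum not verified. */
enum ip_check validate_ipv4(const uint8_t *buf, size_t caplen)
{
    if (buf == NULL || caplen < 20) return IP_TRUNCATED;
    if ((buf[0] >> 4) != 4) return IP_BAD_VERSION;
    size_t hlen = (size_t)(buf[0] & 0x0f) * 4;      /* IHL is in 32-bit words */
    if (hlen < 20) return IP_BAD_IHL;
    if (hlen > caplen) return IP_TRUNCATED;
    size_t totlen = ((size_t)buf[2] << 8) | buf[3];
    if (totlen < hlen) return IP_BAD_TOTLEN;
    if (totlen > caplen) return IP_TRUNCATED;
    /* Walk the options so a bad length byte cannot carry a later parser past the header. */
    for (size_t i = 20; i < hlen; ) {
        if (buf[i] == 0) break;                      /* End of Option List */
        if (buf[i] == 1) { i++; continue; }          /* No-Operation */
        if (i + 1 >= hlen) return IP_BAD_OPTION;     /* no room for a length byte */
        size_t olen = buf[i + 1];
        if (olen < 2 || i + olen > hlen) return IP_BAD_OPTION;
        i += olen;
    }
    return IP_OK;
}

/* Constructed sample packets (RFC 5737 documentation addresses). */
static const uint8_t pkt_ok[20] = { 0x45,0,0,20, 0,0,0,0, 64,6,0,0,
                                    192,0,2,1, 192,0,2,2 };
/* IHL=6 leaves 4 option bytes, but the Record Route option claims 8. */
static const uint8_t pkt_badopt[24] = { 0x46,0,0,24, 0,0,0,0, 64,6,0,0,
                                        192,0,2,1, 192,0,2,2, 7,8,4,0 };
/* Total length says 40 bytes, only 20 were captured. */
static const uint8_t pkt_short[20] = { 0x45,0,0,40, 0,0,0,0, 64,6,0,0,
                                       192,0,2,1, 192,0,2,2 };

int main(void)
{
    printf("%d %d %d\n", (int)validate_ipv4(pkt_ok, sizeof pkt_ok),
           (int)validate_ipv4(pkt_badopt, sizeof pkt_badopt),
           (int)validate_ipv4(pkt_short, sizeof pkt_short));
    return 0;
}
```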