Nmap Development mailing list archives
Re: Call for testers: nsock poll(2)-engine
From: David Fifield <david () bamsoftware com>
Date: Wed, 7 Mar 2012 22:19:55 -0800
On Sun, Feb 19, 2012 at 04:23:38PM +0100, Henri Doreau wrote:
> Hello,
>
> I've developed a new IO engine for nsock, based on poll(2) (UNIX like
> systems) or WSAPoll (Windows systems - thanks to Arnaud Bellec for helping
> there). I would appreciate some feedback on it, especially from people
> running non-linux platforms (BSDs, Mac OS, Windows...).
>
> To get the code:
>   svn co https://svn.nmap.org/nmap-exp/henri/nmap-pollengine
>
> Possible stress tests:
>   # Basic operations
>   nmap -sVC <targets>
>   # High speed TCP connect
>   nping --tcp-connect -c 2000 --rate 2000 localhost
>   # PCAP code
>   nmap --traceroute --script firewalk,qscan,ipidseq <targets>
>
> Also the new engine is always enabled under windows (due to a hardcoded
> #define HAVE_POLL 1 in nsock/include/nsock_winconfig.h) which might break
> compilation on platforms that don't provide the WSAPoll function. Although
> this is probably trivial, I have absolutely no idea how to add a conditional
> check (ala configure) to the visual studio project files and don't have any
> Windows box to experiment. If someone well versed in Windows development
> could give it a try that would be much appreciated.
>
> The new engine should bring a considerable scalability gain, since it
> removes the current limitation of FD_SETSIZE (usually 1024; 64 on windows)
> concurrent sockets on all platforms but Linux (for which we already have an
> epoll(7)-based engine).
>
> The new engine is defined first in the engines list, and should therefore be
> selected by default, even on epoll-aware systems. This is for testing
> purposes.
I did a quick test of this. I noticed that nmap-pollengine gave this error:

Got nsock CONNECT response with status ERROR - aborting this service

But nmap trunk gave this:

Got nsock CONNECT response with status TIMEOUT - aborting this service

I put the logs at the end of this message. This is
Linux 3.2.0-1-amd64 #1 SMP Sun Feb 5 15:17:15 UTC 2012 x86_64 GNU/Linux

David Fifield

./nmap -sV -d www.bamsoftware.com

nmap trunk

Scanning www.bamsoftware.com (69.164.193.231) [1000 ports]
Packet capture filter (device wlan0): dst host 10.32.48.93 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 69.164.193.231)))
Discovered open port 443/tcp on 69.164.193.231
Discovered open port 995/tcp on 69.164.193.231
Discovered open port 80/tcp on 69.164.193.231
Discovered open port 587/tcp on 69.164.193.231
Discovered open port 993/tcp on 69.164.193.231
Discovered open port 22/tcp on 69.164.193.231
Discovered open port 9001/tcp on 69.164.193.231
Completed SYN Stealth Scan at 18:40, 5.53s elapsed (1000 total ports)
Overall sending rates: 360.54 packets / s, 15863.76 bytes / s.
Initiating Service scan at 18:40
Scanning 7 services on www.bamsoftware.com (69.164.193.231)
Got nsock CONNECT response with status TIMEOUT - aborting this service
Completed Service scan at 18:41, 30.76s elapsed (7 services on 1 host)
Starting RPC scan against www.bamsoftware.com (69.164.193.231)
NSE: Script scanning 69.164.193.231.
NSE: Starting runlevel 1 (of 1) scan.
Nmap scan report for www.bamsoftware.com (69.164.193.231)
Host is up, received echo-reply (0.091s latency).
rDNS record for 69.164.193.231: melchior.bamsoftware.com
Scanned at 2012-03-07 18:40:53 PST for 37s
Not shown: 991 filtered ports
Reason: 991 no-responses
PORT     STATE  SERVICE          REASON  VERSION
22/tcp   open   ssh              syn-ack OpenSSH 5.5p1 Debian 6+squeeze1 (protocol 2.0)
80/tcp   open   http             syn-ack Apache httpd 2.2.16 ((Debian))
443/tcp  open   ssl/http         syn-ack Apache httpd 2.2.16 ((Debian))
587/tcp  open   smtp             syn-ack Exim smtpd 4.72
843/tcp  closed unknown          reset
993/tcp  open   ssl/imap         syn-ack Dovecot imapd
995/tcp  open   ssl/pop3         syn-ack Dovecot pop3d
7070/tcp closed realserver       reset
9001/tcp open   ssl/tor-orport?  syn-ack
Service Info: OS: Linux; CPE: cpe:/o:linux:kernel
Final times for host: srtt: 91010 rttvar: 6068  to: 115282

Read from /home/david/nmap-git: nmap-payloads nmap-rpc nmap-service-probes nmap-services.
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 36.96 seconds
           Raw packets sent: 1997 (87.844KB) | Rcvd: 12 (504B)

nmap-pollengine

Scanning www.bamsoftware.com (69.164.193.231) [4 ports]
Packet capture filter (device wlan0): dst host 10.32.138.52 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 69.164.193.231)))
We got a ping packet back from 69.164.193.231: id = 58053 seq = 0 checksum = 7482
Completed Ping Scan at 15:57, 0.09s elapsed (1 total hosts)
Overall sending rates: 43.25 packets / s, 1643.65 bytes / s.
mass_rdns: Using DNS server 171.64.7.55
mass_rdns: Using DNS server 171.64.7.77
mass_rdns: Using DNS server 171.64.7.99
Initiating Parallel DNS resolution of 1 host. at 15:57
mass_rdns: 0.01s 0/1 [#: 3, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 15:57, 0.01s elapsed
DNS resolution of 1 IPs took 0.02s. Mode: Async [#: 3, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating SYN Stealth Scan at 15:57
Scanning www.bamsoftware.com (69.164.193.231) [1000 ports]
Packet capture filter (device wlan0): dst host 10.32.138.52 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 69.164.193.231)))
Discovered open port 993/tcp on 69.164.193.231
Discovered open port 587/tcp on 69.164.193.231
Discovered open port 22/tcp on 69.164.193.231
Discovered open port 80/tcp on 69.164.193.231
Discovered open port 995/tcp on 69.164.193.231
Discovered open port 443/tcp on 69.164.193.231
Discovered open port 9001/tcp on 69.164.193.231
Completed SYN Stealth Scan at 15:57, 6.08s elapsed (1000 total ports)
Overall sending rates: 328.10 packets / s, 14436.23 bytes / s.
Initiating Service scan at 15:57
Scanning 7 services on www.bamsoftware.com (69.164.193.231)
Got nsock CONNECT response with status ERROR - aborting this service
Completed Service scan at 15:57, 23.16s elapsed (7 services on 1 host)
Starting RPC scan against www.bamsoftware.com (69.164.193.231)
NSE: Script scanning 69.164.193.231.
NSE: Starting runlevel 1 (of 1) scan.
Nmap scan report for www.bamsoftware.com (69.164.193.231)
Host is up, received echo-reply (0.093s latency).
rDNS record for 69.164.193.231: melchior.bamsoftware.com
Scanned at 2012-03-07 15:57:04 PST for 30s
Not shown: 991 filtered ports
Reason: 991 no-responses
PORT     STATE  SERVICE          REASON  VERSION
22/tcp   open   ssh              syn-ack OpenSSH 5.5p1 Debian 6+squeeze1 (protocol 2.0)
80/tcp   open   http             syn-ack Apache httpd 2.2.16 ((Debian))
443/tcp  open   ssl/http         syn-ack Apache httpd 2.2.16 ((Debian))
587/tcp  open   smtp             syn-ack Exim smtpd 4.72
843/tcp  closed unknown          reset
993/tcp  open   ssl/imap         syn-ack Dovecot imapd
995/tcp  open   ssl/pop3         syn-ack Dovecot pop3d
7070/tcp closed realserver       reset
9001/tcp open   ssl/tor-orport?  syn-ack
Service Info: OS: Linux; CPE: cpe:/o:linux:kernel
Final times for host: srtt: 93255 rttvar: 10064  to: 133511

Read from /home/david/nmap-pollengine: nmap-payloads nmap-rpc nmap-service-probes nmap-services.
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 29.78 seconds
           Raw packets sent: 1998 (87.888KB) | Rcvd: 14 (645B)

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
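
The FD_SETSIZE limit mentioned in the quoted announcement, as an added example that is not part of either message and is not nsock code: a POSIX-only C sketch showing that poll(2) can wait on a descriptor numbered at or above FD_SETSIZE, which a select(2) fd_set cannot represent. The function names `select_can_watch` and `poll_ready_on_fd` are hypothetical, and the pipe is constructed test input.

```c
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/select.h>
#include <unistd.h>

/* select(2) uses a fixed bitmap; FD_SET() on an fd >= FD_SETSIZE writes
 * outside fd_set, so a select-based engine has to refuse such descriptors. */
static int select_can_watch(int fd)
{
    return fd >= 0 && fd < FD_SETSIZE;
}

/* Create a readable pipe end numbered >= min_fd and wait on it with poll(2).
 * Returns 1 if POLLIN is reported, 0 if not, -1 if no such fd can be made
 * here (for example the hard RLIMIT_NOFILE is too low). */
static int poll_ready_on_fd(int min_fd)
{
    struct rlimit rl;
    struct pollfd pfd;
    int p[2], hi, ready = -1;
    rlim_t want = (rlim_t)min_fd + 16;
    /* Raise the soft descriptor limit just far enough, if permitted. */
    if (getrlimit(RLIMIT_NOFILE, &rl) == 0 && rl.rlim_cur < want && want <= rl.rlim_max) {
        rl.rlim_cur = want;
        setrlimit(RLIMIT_NOFILE, &rl);
    }
    if (pipe(p) != 0)
        return -1;
    hi = fcntl(p[0], F_DUPFD, min_fd);   /* lowest free fd >= min_fd */
    if (hi >= 0 && write(p[1], "x", 1) == 1) {
        pfd.fd = hi;
        pfd.events = POLLIN;
        pfd.revents = 0;
        ready = (poll(&pfd, 1, 1000) == 1 && (pfd.revents & POLLIN)) ? 1 : 0;
    }
    if (hi >= 0) close(hi);
    close(p[0]);
    close(p[1]);
    return ready;
}

int main(void)
{
    printf("select usable on fd %d: %d\n", FD_SETSIZE, select_can_watch(FD_SETSIZE));
    printf("poll on an fd >= FD_SETSIZE: %d\n", poll_ready_on_fd(FD_SETSIZE));
    return 0;
}
```

A result of -1 from `poll_ready_on_fd(FD_SETSIZE)` means the process was not allowed to create a descriptor that high, not that poll(2) failed.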
Current thread:
- Call for testers: nsock poll(2)-engine Henri Doreau (Feb 19)
- Re: Call for testers: nsock poll(2)-engine David Fifield (Mar 07)
- Re: Call for testers: nsock poll(2)-engine Henri Doreau (Mar 08)
- Re: Call for testers: nsock poll(2)-engine David Fifield (Mar 07)