Studying nmap using strace

[James Rogers <jamesmrogers () gmail com>]

Used strace to see what was going on under the hood with the nmap command:

sudo strace -o ../output00001.txt ./nmap -n -p 8080 localhost --reason
--packet-trace

The result file is huge and I am going to keep annotating it for the
next few days, so I put it over on my blog:

http://mystry-geek.blogspot.com/2012/05/analyzing-nmap-using-strace.html

Don't want to send huge messages to the mailing list.  I clipped off
the library loading done at the beginning, just going to turn this
into a list of libraries we load.

It is very interesting to see how nmap is looking for many config
files.  This might be an area to optimize, because it does seem to
take a while to load in all these files.

Performing the actual scan of this single host is done in just a few
calls at the end of everything and is only a small fraction of the
time nmap is running.

I colorized the stream numbers at the end to tie together the calls.

Tomorrow I am going to follow this through with the debugger  and the
lxr database I have built to get a feel for where in the code base
each of these functions occurs.

All of this is very amazing code.  I am learning a lot about
networking that I never knew before, and I did application programming
for several years.  I feel privileged to be helping everyone out!

Thanks,
James
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/