Nmap Development mailing list archives
Re: [Zenmap-Patch] Reducing Topology Noise
From: Jay Bosamiya <jaybosamiya () gmail com>
Date: Wed, 09 Jul 2014 19:53:56 +0530
Hi All! I've attached an updated the patch with some modifications. Previously, the patch would lose info about number of hops since it worked like: / X -> X \ .. -> a b -> .. => .. -> a -> X -> b -> .. \ X -> X / (where lowercase letters (i.e. a,b) are normal and X are anonymous) The new patch maintains the info about number of hops. The patch now works like: / X -> X \ .. -> a b -> .. => .. -> a -> X -> X -> b -> .. \ X -> X / As for hop_split.xml, It now works as: / X -> b -> .. / b -> .. .. -> a => .. -> a -> X \ X -> c -> .. \ c -> .. This change makes sense, since we keep all info about number of hops, but there is absolutely no way to distinguish between the two X's. As for the change I mentioned for anon_hops_at_known.xml in my previous mail, I think that this could be something for a future patch due to some complications that may arise. Feedback is welcome as always :) Note: I have added a few more test cases to the zip (hop_split_at_different_anon.xml, hop_split_at_different_real.xml and long_anon.xml) which make the changes even more obvious and should help review the patch better. Cheers, Jay On Saturday 21 June 2014 03:47 PM, Jay Bosamiya wrote:
Hi All! I've been working on reducing Zenmap's Topology view to reduce noise due to anonymous hops. Basically what it does is this: / anon_1 \ ..-> ip_a ip_b -> .. => .. -> ip_a -> anon -> ip_b -> .. \ anon_2 / A big thanks to Anders Sundman for sending in a patch [1] that tried to do this. Your patch helped a lot though it only solved part of the problem (worked with only single anonymous hops in parallel). The current patch can also handle things like: / anon_1 -> anon_2 \ ..->ip_a ip_b->.. => .. ->ip_a -> anon -> ip_b->.. \ anon_3 -> anon_4 / Attached is the patch. Also attached is a zip file containing XMLs to test with (traceroutes with anonymous hops in different combinations). There are a few cases that we need to think about, however, namely "anon_hops_at_known.xml" or "hop_split.xml" (from the zip file attached). For "anon_hops_at_know.xml", I think that the anonymous hop should be removed completely (since 1.1.1.2 fits perfectly instead of the anon). I think that it should work like: / anon_1 \ ..-> ip_a ip_c -> .. => .. -> ip_a -> ip_b -> ip_c -> .. \ ip_b / For "hop_split.xml", I am not sure what should be done. Currently, it works like: / anon_1 -> ip_b -> .. ..-> ip_a \ anon_2 -> ip_c -> .. but I think it would be better if it became: / ip_b -> .. ..-> ip_a -> anon \ ip_c -> .. I have not implemented the 2 changes since I wanted some feedback before I did so. Cheers, Jay
Attachment:
noiseRemoval.patch
Description:
Attachment:
testXMLfiles.zip
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [Zenmap-Patch] Reducing Topology Noise Jay Bosamiya (Jul 09)
- Re: [Zenmap-Patch] Reducing Topology Noise Daniel Miller (Jul 29)
- Re: [Zenmap-Patch] Reducing Topology Noise Jay Bosamiya (Jul 30)
- Re: [Zenmap-Patch] Reducing Topology Noise Daniel Miller (Jul 29)