Nmap Development mailing list archives
Tudor's Status Report - #8 of #17
From: Tudor-Emil COMAN <tudor_emil.coman () cti pub ro>
Date: Mon, 20 Jun 2016 22:09:14 +0000
Hello, This week I've been bogged down solving some issues with my code. I've finally got it up and running and performed some tests to see how it adds up. So you can see the code on my GitHub: https://github.com/nmap/nmap/compare/master...Tudor-Coman:iocp2?expand=1 I am aware that we are using SVN for development but I thought it would be more accessible if the comparison was only a click away and readable in the browser. I have used nmap's service scan to perform the test. I know that is insufficient and I will be looking into other ways of testing in the future. For the first set of measurements I configured an Apache server inside a VM. Then I used iptables to redirect a lot of ports to port 80 with a command like: iptables -t nat -A PREROUTING -p tcp --dport 2000:40000 -j REDIRECT --to-port 80 So from the outside it would appear we have a lot of open ports with Apache listening on them. Now I didn't use the event MPM to support an insane number of connections. Reading the documentation it would appear that Apache is configured to service 256 clients (via it's MaxClients directive). So I figured if the parallelism level doesn't go above that value it shouldn't affect the measurements. I started with: nmap.exe -n 192.168.56.2 -sSV --nsock-engine=select -p 2000-2200 --min-parallelism 40 --max-parallelism 40 And I kept increasing the parallelism value with an increment of 5 until I reached 85 for all the engines on Windows. You can see the graph in the apache_comparison.png attached to this email. For the second set of measurements I put nginx on my old computer and used that as a target. I also used iptables to redirect a bunch of ports. My laptop from where I'm performing the scan is connected to the old computer via a wi-fi router. It's a similar methodology with what I did above. You can see the graph in the nginx_comparison.png attached to this email. One thing to note is that for the second set I used the newest commit on Github while on the first set for the Apache I was using an older commit, I don't know how much that would affect the results. Accomplishments: - Added support for SSL - Solved a nasty concurrency issue - Cleaned the code - Made some measurements Priorities: - Find other ways to test it besides just using nmap. Cheers, Tudor
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Tudor's Status Report - #8 of #17 Tudor-Emil COMAN (Jun 20)