Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Tudor's Status Report - #8 of #17

From: Tudor-Emil COMAN <tudor_emil.coman () cti pub ro>
Date: Mon, 20 Jun 2016 22:09:14 +0000
Hello,



This week I've been bogged down solving some issues with my code. I've finally got it up and running and performed some 
tests to see how it adds up.


So you can see the code on my GitHub: https://github.com/nmap/nmap/compare/master...Tudor-Coman:iocp2?expand=1

I am aware that we are using SVN for development but I thought it would be more accessible if the comparison was only a 
click away and readable in the browser.

I have used nmap's service scan to perform the test. I know that is insufficient and I will be looking into other ways 
of testing in the future.


For the first set of measurements I configured an Apache server inside a VM. Then I used iptables to redirect a lot of 
ports to port 80 with a command like:
iptables -t nat -A PREROUTING -p tcp --dport 2000:40000 -j REDIRECT --to-port 80
So from the outside it would appear we have a lot of open ports with Apache listening on them.
Now I didn't use the event MPM to support an insane number of connections. Reading the documentation it would appear 
that Apache is configured to service 256 clients (via it's MaxClients directive). So I figured if the parallelism level 
doesn't go above that value it shouldn't affect the measurements.

I started with:
nmap.exe -n 192.168.56.2 -sSV --nsock-engine=select -p 2000-2200 --min-parallelism 40  --max-parallelism 40

And I kept increasing the parallelism value with an increment of 5 until I reached 85 for all the engines on Windows.
You can see the graph in the apache_comparison.png attached to this email.


For the second set of measurements I put nginx on my old computer and used that as a target. I also used iptables to 
redirect a bunch of ports.
My laptop from where I'm performing the scan is connected to the old computer via a wi-fi router.
It's a similar methodology with what I did above.
You can see the graph in the  nginx_comparison.png attached to this email.

One thing to note is that for the second set I used the newest commit on Github while on the first set for the Apache I 
was using an older commit, I don't know how much that would affect the results.



Accomplishments:
- Added support for SSL
- Solved a nasty concurrency issue
- Cleaned the code
- Made some measurements

Priorities:
- Find other ways to test it besides just using nmap.


Cheers,
Tudor



_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: