Nmap Development mailing list archives
RE: Asynchronous DNS Patch
From: "Sina Bahram" <sbahram () nc rr com>
Date: Tue, 6 Dec 2005 16:53:55 -0500
Aha, ... It crashes I'll have to debug it to let you know where, but it got this far on the output ... Winpcap present, dynamic linked to: WinPcap version 3.1 (packet.dll version 3, 1 , 0, 27), based on libpcap version 0.9[.x] Starting Nmap 3.93 ( http://www.insecure.org/nmap ) at 2005-12-06 16:51 Eastern Standard Time Warning: File ./nmap-services exists, but Nmap is using C:\nmap2/nmap-services f or security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too). Take care, Sina -----Original Message----- From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of doug () hcsw org Sent: Tuesday, December 06, 2005 5:24 PM To: nmap-dev () insecure org Subject: Re: Asynchronous DNS Patch Hi Sina, On Tue, Dec 06, 2005 at 11:30:44AM -0500 or thereabouts, Sina Bahram wrote:
Hi Doug, I ran the windows binary on xp sp2.
Great! Are you saying that the --async_dns option works in that windows binary? The usual way I test the performance with the current incarnation of the patch is as follows: ./nmap --async_dns -sL -R -v -d -iR 100 That will use the new async resolver to try resolving 100 random IPs. It will resolve all 100 IPs (-R) instead of just the ones determined to be up. The -v and -d give some more detailed "in progress" and "afterwards" reports on DNS. I would be very interested to hear if the above command produces a line like the following for you: DNS resolution of 100 IPs took 9.29s. Mode: Async [#: 2, OK: 18, NX: 76, SF: 0, RE: 61, DR: 6] Because I've been having some problems with it running on windows server 2k3. It dies mysteriously somewhere during the async DNS process. If you used the windows binary in combination with the --async_dns switch that would be very interesting. I guess it would mean I have something strange with my windows setup. Yes, seeing the same scan improve several fold after performing it once is not unusual and, yup, you called it: caching DNS servers. In the performance notes, I made sure to perform the scan a few times to ensure that the targets are as cached as possible. That's great that you're interested in this patch and improving its performance. I think that tuning the network parameters at the top of the new file nmap_dns.cc is the most likely to prove fruitful for getting the async DNS to be as fast as possible. It's true I'm not using the most advanced algorithms possible for storing and updating the results, but I usually notice little to no CPU activity on the machine while performing the DNS. I think the next performance-related step should be to introduce some sort of auto-tuning functionality for the parameters. There are times during a scan I know that different parameters would improve the performance vastly but those weren't the ones configured at compile-time. The parameters I've chosen right now are fairly conservative and are mostly designed for accuracy. Maybe we should have a -T equivalent for DNS? Thanks for your interest in the patch! Doug _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Asynchronous DNS Patch doug (Dec 05)
- RE: Asynchronous DNS Patch Sina Bahram (Dec 06)
- Re: Asynchronous DNS Patch doug (Dec 06)
- RE: Asynchronous DNS Patch Sina Bahram (Dec 06)
- Re: Asynchronous DNS Patch doug (Dec 06)
- RE: Asynchronous DNS Patch Sina Bahram (Dec 06)