Nmap Development mailing list archives

Re: design of nmap


From: "Eddie Bell" <ejlbell () gmail com>
Date: Fri, 4 May 2007 10:29:52 +0100

Hi Kaushik,

The scanning engine works by using a state machine. In simple terms, a
big switch statement with supporting data structures that store the
state.

When a packet is received the data structures are checked using the
packet's source address. If we find a match then the packet is from a
host we are scanning. We then try and match the packet to a specific
port and record the results in the data structure.

The sending and receiving of packets is interleaved based on various
timing constraints and what packets are available.

This is a very simplistic view of what actually happens but for more
detail check out scan_engine.cc. There is also a less complex but
similar algorithm in traceroute.cc

thanks
 - eddie

On 04/05/07, Kaushik Das <kaushikdas24x7 () yahoo co in> wrote:
Hi,
    Can someone throw some light on the software design of nmap in general.

    Specifically, my question is -
      nmap is a single threaded application. How does it transmit and receive packets simultaneously?

   Thanks in advance,
   - Kaushik.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
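
An added illustration of the loop described in the reply above (not code from the original post or from Nmap's scan_engine.cc): one thread alternates between sending probes and handling replies, matching each reply by source address and then by port. All names, the window of 2 standing in for the timing constraints, and the simulated replies are assumptions constructed for this example.

```cpp
#include <cstdint>
#include <deque>
#include <map>
#include <string>

enum class PortState { Unsent, Probed, Open, Closed };
struct Packet { std::string src; uint16_t port; bool positive; };  // constructed reply

struct Scan {
    std::map<std::string, std::map<uint16_t, PortState>> hosts;  // address -> port -> state
    int outstanding = 0, ignored = 0;
    // Receive path: look up the source address first, then the port.
    void on_packet(const Packet& p) {
        auto h = hosts.find(p.src);
        if (h == hosts.end()) { ++ignored; return; }             // not a host being scanned
        auto s = h->second.find(p.port);
        if (s == h->second.end() || s->second != PortState::Probed) { ++ignored; return; }
        s->second = p.positive ? PortState::Open : PortState::Closed;
        --outstanding;
    }
    // Send path: put one more probe in flight if the window allows it.
    bool send_next(int window, std::deque<Packet>& wire) {
        if (outstanding >= window) return false;
        for (auto& h : hosts)
            for (auto& s : h.second)
                if (s.second == PortState::Unsent) {
                    s.second = PortState::Probed; ++outstanding;
                    // Simulated target: only port 22 answers positively (constructed data).
                    wire.push_back(Packet{h.first, s.first, s.first == 22});
                    return true;
                }
        return false;
    }
};

// One thread, one loop: send while the window allows, then handle what has arrived.
Scan run_demo() {
    Scan sc;
    for (const char* ip : {"192.0.2.10", "192.0.2.11"})
        for (uint16_t port : {22, 80, 443}) sc.hosts[ip][port] = PortState::Unsent;
    std::deque<Packet> wire{Packet{"198.51.100.7", 22, true}};   // stray packet, unknown source
    bool busy = true;
    while (busy) {
        busy = false;
        while (sc.send_next(2, wire)) busy = true;
        while (!wire.empty()) { sc.on_packet(wire.front()); wire.pop_front(); busy = true; }
    }
    return sc;
}
```

The stray packet from 198.51.100.7 is dropped at the address lookup, and a reply for a port that is not in the Probed state is dropped at the port lookup, so only replies that match an outstanding probe change the recorded state.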