Nmap Development mailing list archives

Re: New development in host discovery: response rate scaled congestion control


From: Brandon Enright <bmenrigh () ucsd edu>
Date: Thu, 6 Sep 2007 04:58:20 +0000

On Wed, 5 Sep 2007 18:07:21 -0600 plus or minus some time David Fifield
<david () bamsoftware com> wrote:

> On Thu, Sep 06, 2007 at 12:01:30AM +0000, Brandon Enright wrote:
> > $ du -sh david_output/
> > 24G     david_output/
>
> That's 24G of coolness points you get for doing so much testing.
>
> David


Okay well after wiping out that 24G of coolness, I've made 5.2G more.  -d2
with --packet-trace is *extremely* verbose...

I did 2 rounds of testing, 4 scans per round.  The first was done with
r5786 and the second with r5788.

Here are the test results for round 1:

Same base template I've been using.  All scans were started at the same
time.

64-64: (david_new_2a.svg)
# Nmap done at Thu Sep  6 01:31:57 2007 -- 186368 IP addresses (10602 hosts
up) scanned in 5013.688 seconds

64-2048: (david_new_2b.svg)
# Nmap done at Thu Sep  6 01:16:10 2007 -- 186368 IP addresses (7656 hosts
up) scanned in 4066.421 seconds

2048-2048: (david_new_2c.svg)
# Nmap done at Thu Sep  6 01:16:10 2007 -- 186368 IP addresses (7656 hosts
up) scanned in 4066.421 seconds

NOMIN-NOMAX (just -T5): (david_new_2d.svg)
# Nmap done at Thu Sep  6 01:47:37 2007 -- 186368 IP addresses (8972 hosts
up) scanned in 5943.742 seconds

For some reason not specifying a min or max took longer and found far fewer
hosts than 64-64 did.  This was my primary motivation for doing round 2
with r5788.


Here is round 2, same settings, just added the cwnd scaling factor cap of
50:

64-64: (david_new_3a.svg)
# Nmap done at Thu Sep  6 04:09:06 2007 -- 186368 IP addresses (8684 hosts
up) scanned in 5334.607 seconds

64-2048: (david_new_3b.svg)
# Nmap done at Thu Sep  6 03:51:59 2007 -- 186368 IP addresses (7105 hosts
up) scanned in 4306.403 seconds

2048-2048: (david_new_3c.svg)
# Nmap done at Thu Sep  6 03:44:17 2007 -- 186368 IP addresses (7809 hosts
up) scanned in 3843.870 seconds

NOMIN-NOMAX (just -T5): (david_new_3d.svg)
# Nmap done at Thu Sep  6 04:24:50 2007 -- 186368 IP addresses (7795 hosts
up) scanned in 6275.512 seconds

Again, not specifying any parallelism took longer and performed worse.  The
difference in hosts found between round 1 and round 2 is because these
scans were done late in the work day as machines were being turned off.

I can't explain these results.  I've generated graphs of these scans in case
those will be helpful at all.  I removed the y axis limit of 80 before
generating these.  The graphs are located at:

http://noh.ucsd.edu/~bmenrigh/nmap/

See the names above to see which scan corresponds to which graph.

I can grep through the logs to provide drop data etc if you're interested.

Brandon
