Nmap Development mailing list archives
NSE loop issue with filtered ports
From: "Thomas Buchanan" <TBuchanan () thecompassgrp net>
Date: Thu, 29 Nov 2007 16:07:28 -0600
While working on a new NSE script, I've noticed an issue with NSE and filtered ports where nmap appears to go into an infinite loop. The process grabs 100% of the available CPU, and the scan never makes any progress.

I worked up a test script which replicates the issue. It attempts a connection to a single UDP port, and waits for a response. If I run this script against 10 or fewer hosts, everything works fine. When I run it against 11 or more hosts with the targeted port filtered, I see the issue with the looping.

When I enable debug output, after about 7 seconds of typical output, I get hundreds of thousands of lines of output like this:

NSOCK (80.9030s) nsock_loop() started (timeout=50ms). 0 events pending

I let one of my test sessions run for about a minute with -d enabled, and it generated a little over 500 MB of output:

$ ls -lh test4.txt
-rw-r--r-- 1 root root 511M 2007-11-29 15:25 test4.txt
$ grep nsock_loop test4.txt |wc -l
7550444
$ grep -v nsock_loop test4.txt |wc -l
643

The last few lines before the nsock_loop repeats are:

NSOCK (6.9090s) nsock_loop() started (timeout=50ms). 1 events pending
NSOCK (6.9090s) wait_for_events
NSOCK (6.9090s) PCAP read_on_nonselect
NSOCK (6.9090s) PCAP END read_on_nonselect
NSOCK (6.9590s) nsock_loop() started (timeout=50ms). 1 events pending
NSOCK (6.9590s) wait_for_events
NSOCK (6.9590s) PCAP read_on_nonselect
NSOCK (6.9590s) PCAP END read_on_nonselect
NSOCK (7.0080s) nsock_loop() started (timeout=50ms). 1 events pending
NSOCK (7.0080s) wait_for_events
NSOCK (7.0080s) PCAP read_on_nonselect
NSOCK (7.0080s) PCAP END read_on_nonselect
NSOCK (7.0580s) Callback: READ TIMEOUT for EID 242 [192.168.128.170:1434]
NSOCK (7.0580s) msevent_delete (IOD #10) (EID #242)
NSOCK (7.0580s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (7.0580s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (7.0580s) nsock_loop() started (timeout=50ms). 0 events pending
...

This issue shows up on both Linux and Windows test systems. If anybody would like the test script I used, I'll be happy to share it. If any more information would be helpful, I'll try to provide it.

Thanks,
Thomas

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
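For triaging a debug log of this size without paging through it, the following added example (not part of the original post and not Nmap code) locates where the busy loop begins and which line preceded it. The function name find_spin and the threshold of half the reported timeout between iterations are assumptions of this example; the sample lines are the tail of the output quoted in the post.

```python
import re

# Matches the nsock_loop debug line format quoted in the post.
LOOP_RE = re.compile(
    r"NSOCK \((?P<ts>\d+\.\d+)s\) nsock_loop\(\) started "
    r"\(timeout=(?P<timeout>\d+)ms\)\. (?P<pending>\d+) events pending"
)

# Tail of the debug output quoted in the post, up to the first repeats.
SAMPLE = """\
NSOCK (7.0080s) nsock_loop() started (timeout=50ms). 1 events pending
NSOCK (7.0080s) wait_for_events
NSOCK (7.0080s) PCAP read_on_nonselect
NSOCK (7.0080s) PCAP END read_on_nonselect
NSOCK (7.0580s) Callback: READ TIMEOUT for EID 242 [192.168.128.170:1434]
NSOCK (7.0580s) msevent_delete (IOD #10) (EID #242)
NSOCK (7.0580s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (7.0580s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (7.0580s) nsock_loop() started (timeout=50ms). 0 events pending
""".splitlines()


def find_spin(lines, min_run=3):
    """Return the first run of back-to-back idle nsock_loop() lines, or None.

    Heuristic (assumption of this example): a spin is min_run or more
    consecutive "0 events pending" lines whose timestamps advance by less
    than half the timeout each line reports.
    """
    run, trigger, last_other = [], None, None
    for line in lines:
        m = LOOP_RE.search(line)
        if m is not None and int(m["pending"]) == 0:
            ts = float(m["ts"])
            if run and ts - run[-1] < int(m["timeout"]) / 2000.0:
                run.append(ts)          # loop returned without waiting
                continue
            if len(run) >= min_run:
                break                   # an earlier run already qualifies
            run, trigger = [ts], last_other
        else:
            if len(run) >= min_run:
                break
            run = []
            if m is None and line.strip():
                last_other = line.strip()   # remember the last non-loop line
    if len(run) < min_run:
        return None
    return {"onset": run[0], "iterations": len(run), "preceded_by": trigger}


if __name__ == "__main__":
    print(find_spin(SAMPLE))
```

Passing an open file object instead of SAMPLE streams a multi-hundred-megabyte log line by line and stops at the end of the first qualifying run.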
Current thread:
- NSE loop issue with filtered ports Thomas Buchanan (Nov 29)
- RE: NSE loop issue with filtered ports Thomas Buchanan (Nov 29)
- Re: NSE loop issue with filtered ports Brandon Enright (Nov 29)
- RE: NSE loop issue with filtered ports Thomas Buchanan (Nov 29)
- Re: NSE loop issue with filtered ports Brandon Enright (Nov 29)
- RE: NSE loop issue with filtered ports Thomas Buchanan (Nov 29)