Nmap Development mailing list archives

Re: [Bug]? -iR <num_hosts> on windows XP generates duplicate targets


From: jah <jah () zadkiel plus com>
Date: Thu, 01 May 2008 00:23:38 +0100

On 30/04/2008 22:44, Brandon Enright wrote:
> The end result of all of this is that Nmap can only make 11215879
> unique IPs and that if you pass a number greater than about 64M to -iR
> you should be able to generate all of them.  I have generated a list of
> 100M several times and confirmed that it always produces the same
> 11215879 unique IPs.

That's incredible.  And particularly poor.  Nice find!

> The other (not mutually-exclusive) option available to us is to
> implement our own PRNG using Mersenne Twister or some other
> high-quality PRNG.  This has a few advantages over what we have right
> now:
>
> * Even if OpenSSL isn't compiled in, we'll still have a good RNG source
>
> * We could implement a --seed option to generate the *same* set of IPs
> across all operating systems Nmap runs on
>
> * There is a big coolness factor associated with quality PRNGs ;-)
> ...
> If anyone thinks --seed would be useful now is the time to chime in!

--seed would surely be useful when testing stuff and needing to reuse
the same random targets.  MT can be made cryptographically secure too,
according to the blurb
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html
so there could be both options even without OpenSSL?

jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
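
The --seed idea discussed in this message, as an added example (not Nmap's code and not from either poster): a self-contained MT19937 whose output depends only on the seed, so the same seed gives the same target list on every platform regardless of the C library's rand(). The names `random_targets` and `is_reserved` and the simplified reserved-range filter are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* MT19937 (32-bit Mersenne Twister), written out so no libc rand() is involved. */
typedef struct { uint32_t mt[624]; int idx; } mt_state;

void mt_seed(mt_state *s, uint32_t seed) {
    s->mt[0] = seed;
    for (int i = 1; i < 624; i++)
        s->mt[i] = 1812433253u * (s->mt[i - 1] ^ (s->mt[i - 1] >> 30)) + (uint32_t)i;
    s->idx = 624;                       /* force a state refresh on first use */
}

uint32_t mt_next(mt_state *s) {
    if (s->idx >= 624) {                /* regenerate all 624 state words */
        for (int i = 0; i < 624; i++) {
            uint32_t y = (s->mt[i] & 0x80000000u) | (s->mt[(i + 1) % 624] & 0x7fffffffu);
            s->mt[i] = s->mt[(i + 397) % 624] ^ (y >> 1) ^ ((y & 1u) ? 0x9908b0dfu : 0u);
        }
        s->idx = 0;
    }
    uint32_t y = s->mt[s->idx++];       /* tempering */
    y ^= y >> 11;
    y ^= (y << 7) & 0x9d2c5680u;
    y ^= (y << 15) & 0xefc60000u;
    y ^= y >> 18;
    return y;
}

/* Simplified filter (assumption, not Nmap's actual list of excluded ranges). */
int is_reserved(uint32_t ip) {
    uint32_t a = ip >> 24;
    return a == 0 || a == 10 || a == 127 || a >= 224;
}

/* Fill out[] with n non-reserved IPv4 targets derived only from the seed. */
void random_targets(uint32_t seed, uint32_t *out, int n) {
    mt_state s;
    mt_seed(&s, seed);
    for (int i = 0; i < n; ) {
        uint32_t ip = mt_next(&s);
        if (!is_reserved(ip)) out[i++] = ip;
    }
}

int main(void) {
    uint32_t t[4];
    random_targets(5489u, t, 4);        /* constructed sample seed */
    for (int i = 0; i < 4; i++)
        printf("%u.%u.%u.%u\n", t[i] >> 24, (t[i] >> 16) & 255, (t[i] >> 8) & 255, t[i] & 255);
    return 0;
}
```

MT19937's raw output can be reconstructed from 624 consecutive values, so a generator like this serves reproducibility, not unpredictability.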

