Nmap Development mailing list archives
Re: [nmap-svn] r8541 - nmap
From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 30 Jun 2008 20:17:37 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brandon Enright wrote:
I actually tested this quite a bit but never got a chance to post my results. I scanned ~50k hosts on campus on all 64k ports. I also scanned all our IPs on a about a dozen ports. I also randomly scanned 200M Internet hosts on a handful of ports before Time Warner threatened to turn me off.
Wow, thanks for doing so much testing!
The results: * Nmap never crash * The only errors I triggered were packets with unknown/bad IP options * I couldn't get any really bad packets back It seems that most routers won't forward really screwed up IP packets and since the local router constructs the data-link header most problems can only show up on the local segment. I figure someone could setup a local host that deliberately screws up outgoing frames but overall, I think the patch looks good enough we don't need to do that kind of testing.
All of this is good news, especially knowing that these checks are probably just extra precautions. I was also unable to get bad packets back from the big scans I ran, but I didn't want to rule anything out because I wasn't able to do anywhere near the amount of testing you could.
Brandon
Thanks again, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSGmFsP9K37xXYl36AQIOxw/8DflfcUBUhdT3AzIWQ4AGiUFLXwloU2IO 9fL4D9wff5PEhTXQZ0LzR1FJyoJ3KoO0R2Xy7hD/kqch9xQC9R/ZhRAxPqdl7k9I SFZOMV1kdlWa9zya7rAuze1S4ym4yZSwYSXKbyqpE+7Nuep3IL1L+JLy0CEijwNP 4zdIshhIQAvfpdQmqagLazGUuwTxSveNazTS/dSB1mw/Vc1BrAtwhHcfvcPv9hBp WPtnbiYQutqgU/DCMeBOD7zMAZH1yWgnosFvRH+J4eFVt9CVTm07ccfTHU7ZMj3F TVjN5Kv4KWCM17kgxTix6pt0Fe2of+D5CQj4EqfFRFwW0ZkhhyhQ7OJ0hqUFmSbj F+54mhFiSBu60/XuV+wGyuKZ8J3GAqYaj8uSH2NfZ6ULPmlzJ3VFgcoyHWL/jq3V d037jWmLQf2U8h6rygDMEZzSnyiaYO80vABWhS6C8hOb8+ukxA/aZ8sA7IzDV4GC dLSnMrHh1iTWJ4ECG+sO0Zv4fQHdzD4KW9xAprbHYpgZQtjew4+JMrMlHmYLMMm6 Bg5UTwLjh9LW9UMzkvNiPs8g8VEbN8eulOoTJb7nexW08R8VQC1CVrdW6m8iZj0h OfYPEyUMJZwtH8V9ZhB3WgXyumV1NiMIj/+MJGuZ7+/gSZOz5dHUi3XKIULbs6Tj l3UdrABp3/Q= =UGDt -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [nmap-svn] r8541 - nmap Brandon Enright (Jun 30)
- Re: [nmap-svn] r8541 - nmap Kris Katterjohn (Jun 30)