Nmap Development mailing list archives
Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow.
From: jayrhine () comcast net
Date: Mon, 11 Aug 2008 13:06:47 +0000
Correction on the speed comparisons, those are for default port ranges instead of a complete scan from 0-65535 ... forget to specify the -p0-65535 option during the scan ... I'll have to rethink the performance improvement. It is still definitely a big improvement, but maybe not as much as I was thinking. looks like a full tcp port scan with no rate limiting, takes about 5 seconds on Linux and 10-12 minutes on Solaris with the patch (it would have taken hours without the patch). Jay -------------- Original message ---------------------- From: jayrhine () comcast net
The most accurate way to tell which nmap is using is to go into its libpcap directory and ./configure :Okay, its definately running DLPI.When you get a chance could you put this code snippet where my OpenBSD patch went in tcpip.cc? It's an *untested* modification of the code from the above message:Okay, I applied this patch and it made a major difference. Its still not as fast as linux, but it is much faster. For comparison I've scanned an old Solaris 7 host (good for speed tests because it has 0 tcp rate limiting, and udp rate limiting can be disabled). Linux Nmap doing a complete TCP Scan (0-65535) - 1.1 seconds Linux Nmap doing a complete UDP Scan (0-65535) - 1.2 seconds Solaris Nmap doing a complete TCP Scan (0-65535) - 20 seconds Solaris Nmap doing a complete UDP Scan (0-65535) - 91 seconds For more comparision, I've also Scanning against a Solaris 10 host (where you cannot completely disable tcp rate limiting) Linux Nmap doing a complete TCP Scan (0-65535) - 45 seconds Linux Nmap doing a complete UDP Scan (0-65535) - 1.6 seconds Solaris Nmap doing a complete TCP Scan (0-65535) - 48 seconds Solaris Nmap doing a complete UDP Scan (0-65535) - 95 seconds I did not notice substancial CPU usage during the scan, so I do not think this is a factor. However, the Linux machine is more powerful than the Solaris one. So my conclusion is that your patch results in a really substancial performance improvement, but clearly there is something that is still slowing it down relative to Linux.Some header files might need to be #included too.. Possibly one or more of these:It turns out I needed to include the following line: #include "sys/bufmod.h" _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 07)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. David Fifield (Aug 07)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. doug (Aug 07)
- <Possible follow-ups>
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 07)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 07)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 08)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 10)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 11)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 11)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 11)