Nmap Development mailing list archives
Re: [NSE] Target time out checks
From: Ron <ron () skullsecurity net>
Date: Mon, 22 Dec 2008 11:24:09 -0600
Patrick Donnelly wrote:
Currently NSE starts the time out clock for all the hosts in a runlevel group before beginning the scan. If there is an extremely large group, some hosts may not be handled before a script thread is mistakenly timed out (even when it has no connections open). Also, a script may not actually be accessing that host at the time (whois.nse will query the whois databse, not the target!!). For this reason, I do not believe that the Target.timedOut method is appropriate for the Script Engine. However, the target.startTimeOutClock and target.stopTimeOutClock methods are still useful for tracking the length of time the host was scanned (even if indirectly). I have attached a patch that removes the checks to see if the target host has timed out. If there are no complaints/problems/concerns I will apply this in a couple days. Cheers,
I may be understanding this wrong, so correct me if I am, but I think that the script timeout has a good side and a bad side.
On the plus side, it saves us from locking up for good when a script holding a mutex crashes. Other scripts waiting for that mutex will eventually time out.
On the downside, if 5000 scripts are running at once, some may time out accidentally, which isn't good.
That's my quick take on it. Ron _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE] Target time out checks Patrick Donnelly (Dec 21)
- Re: [NSE] Target time out checks Fyodor (Dec 21)
- Re: [NSE] Target time out checks Patrick Donnelly (Dec 22)
- Re: [NSE] Target time out checks David Fifield (Dec 22)
- Re: [NSE] Target time out checks Ron (Dec 22)
- Re: [NSE] Target time out checks Fyodor (Dec 21)