Nmap Development mailing list archives
Re: Testing requested of nmap-perf branch
From: David Fifield <david () bamsoftware com>
Date: Sun, 28 Dec 2008 23:03:30 -0700
On Thu, Dec 25, 2008 at 02:40:45AM -0700, David Fifield wrote:
The nmap-perf branch contains a new algorithm for detecting and responding to remote rate limiting that I'd like some folks to test. Get it with svn co --username guest --password "" svn://svn.insecure.org/nmap-exp/david/nmap-perf You'll recall that Nmap's rate limit detection turns on a scan delay that starts at 5 ms (50 ms for UDP) and doubles until it reaches 1000 ms. That imposed a severe penalty whenever scan delay kicked in when it shouldn't have. I'm interested in reports of speed and especially accuracy. The new code should not be any slower than the old in any case, and may be much faster in some cases. Of course any reduction in accuracy will point to a flaw in the algorithm that I need to fix. In fact I just found one, which I'll deal with later: running a 1000-port UDP scan against Mac OS X sometimes goes too fast and misses drops, leading to too many open|filtered ports.
I found that this sometimes happens with Nmap trunk too. That is, it's partly a matter of luck whether scan delay kicks in and keeps the scan from being inaccurate. Anyway, that particular problem should be fixed as of nmap-perf r11529, so please give it a try. I'd like to merge these changes this week to focus on other performance issues. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Testing requested of nmap-perf branch David Fifield (Dec 25)
- Re: Testing requested of nmap-perf branch David Fifield (Dec 28)