Nmap Development mailing list archives

Re: Rate limit branch for anyone interested


From: João Medeiros <ignotus21 () gmail com>
Date: Tue, 10 Feb 2009 16:13:18 -0300

Hi David.

    I have downloaded the branch but I did not see any data related to
the problem. Do you have sample sets (the bigger the better) of RTTs
for the case of rate-limit and network congestion? I can perform some
time-series analysis on this kind of data and see if this can help in
rate-limit detection.

Att, João Medeiros.

On Mon, Feb 9, 2009 at 2:30 PM, David Fifield <david () bamsoftware com> wrote:
Hello,

When I was working in the nmap-perf branch, one of the things I was not
able to find a solution for was rate limit detection:

http://seclists.org/nmap-dev/2009/q1/0049.html

One of the simple changes that looked promising but wasn't merged was
controlling the sending rate based on a maximum send rate, not a fixed
delay between probes. Brandon at least said he would like to test out
this idea. So I made a branch with just that change:

       svn co --username guest --password "" svn://svn.insecure.org/nmap-exp/david/nmap-rate-limit

Instead of waiting, say, 5 ms between probes, the code will enforce a
maximum rate of 200 probes per second. The first time the rate is
decreased it will become half of the current sending rate. After that it
is halved when necessary. The only exception to this is UDP scans, in
which the first rate drop goes directly to 20 probes per second. The
benefit of this approach is more granularity in limiting the rate. If
you hit a rate limit at 5000 packets per second you will drop down to
2500, not 250 which is what you would get with a 5 ms delay.

I don't have any immediate plans for better rate limit detection so I'm
not going to be working in the branch. Any committers may feel free to
make changes there. This is just an experiment to see how rate limit
detection may be improved. If you have any good ideas or testing
results, send them in.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
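
The back-off policy described in the quoted message, as an added example that is not part of the thread and not code from the nmap-rate-limit branch. `RateCap`, its fields and the helper functions are hypothetical names chosen for illustration.

```cpp
#include <cmath>
#include <cstdio>

// Hypothetical model of the policy in the message above; RateCap and the
// helpers are illustrative names, not identifiers from the nmap-rate-limit branch.
struct RateCap {
    double max_rate = 0.0;  // probes per second; 0 means no cap has been set
    bool dropped = false;   // true once the rate has been decreased at least once

    // Called when a rate limit is suspected. current_rate is the measured
    // sending rate (probes per second) at that moment.
    void drop(double current_rate, bool udp_scan) {
        if (!dropped) {
            // First drop: half the current rate, or straight to 20 for UDP.
            max_rate = udp_scan ? 20.0 : current_rate / 2.0;
            dropped = true;
        } else {
            max_rate /= 2.0;  // later drops halve the cap
        }
    }

    // Minimum spacing between probes, in microseconds, implied by the cap.
    long long interval_us() const {
        return max_rate > 0.0 ? std::llround(1e6 / max_rate) : 0;
    }
};

// Sending rate implied by a fixed inter-probe delay (the older approach).
double rate_from_delay_ms(double delay_ms) { return 1000.0 / delay_ms; }

// Probes a sender that is always ready can emit in window_us under the cap.
// Returns -1 when no cap is set.
int probes_in_window(const RateCap &cap, long long window_us) {
    long long step = cap.interval_us();
    if (step <= 0) return -1;
    int sent = 0;
    for (long long next = 0; next < window_us; next += step) ++sent;
    return sent;
}

int main() {
    RateCap tcp, udp;
    tcp.drop(5000.0, false);  // limit hit while sending 5000 probes/s
    udp.drop(5000.0, true);
    std::printf("TCP cap %.0f/s, %d probes in 1 s\n", tcp.max_rate, probes_in_window(tcp, 1000000));
    std::printf("UDP cap %.0f/s, %d probes in 1 s\n", udp.max_rate, probes_in_window(udp, 1000000));
    std::printf("5 ms fixed delay = %.0f/s\n", rate_from_delay_ms(5.0));
    return 0;
}
```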

