Nmap Development mailing list archives

Re: non existent script called with --script=all

From: David Fifield <david () bamsoftware com>
Date: Mon, 27 Apr 2009 22:20:17 -0600

On Mon, Apr 27, 2009 at 06:45:34PM -0700, Fyodor wrote:

On Mon, Apr 27, 2009 at 05:18:02PM -0500, Kris Katterjohn wrote:


When I suggested this very same idea over a year ago (when it was shot down by
you and Brandon), you said that Diman had already tested with many scripts:

http://seclists.org/nmap-dev/2008/q1/0514.html

(and http://seclists.org/nmap-dev/2008/q1/0513.html is Brandon's detailed reply)


Hi Kris.  Nice to hear from you!  I suppose that if we end up removing
script.db after all, you can give us a big "I told you so" :).

Diman did do some testing with 10,000+ scripts (well, basically copies
of the same simple script), but that was years ago.  NSE has changed
dramatically since then, so I'd like to see newer benchmarks with
large numbers of scripts before I'd feel comfortable removing
script.db.  We can't really decide whether the logistical hassle is
worth the performance gain until we actually have measurements of the
(presumed) performance gain.  But if the cost of generating the
information at runtime with 1,000+ scripts is immaterial, I'd favor
removing script.db.  We could always revive the system if we ever
exceed that number of scripts and need it again.


When Patrick was preparing to merge the Lua implementation of NSE, he
ran a bunch of benchmarks, including one of --script-updatedb. Here are
his times for generating a script database with 1,000 no-op scripts:

real    0m0.166s
user    0m0.094s
sys     0m0.030s

And I guess I have a slower computer because I got

real    0m0.641s
user    0m0.516s
sys     0m0.096s

I attached the script he used to generate the scripts if someone else
wants to reproduce the results. We should compare the times with the
time taken to parse, say, nmap-os-db to get some perspective.

David Fifield

Attachment: sdb_test.sh
Description:


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Re: non existent script called with --script=all, (continued)
- - Re: non existent script called with --script=all Michael Pattrick (Apr 23)
    - Re: non existent script called with --script=all Brandon Enright (Apr 23)
    - Re: non existent script called with --script=all Fyodor (Apr 24)
    - Re: non existent script called with --script=all Ron (Apr 27)
    - Re: non existent script called with --script=all Michael Pattrick (Apr 27)
    - Re: non existent script called with --script=all Fyodor (Apr 27)
    - Re: non existent script called with --script=all Fyodor (Apr 27)
    - Re: non existent script called with --script=all Kris Katterjohn (Apr 27)
    - Re: non existent script called with --script=all Fyodor (Apr 27)
    - Re: non existent script called with --script=all Kris Katterjohn (Apr 27)
    - Re: non existent script called with --script=all David Fifield (Apr 27)
    - Re: non existent script called with --script=all Michael Pattrick (Apr 27)
    - Re: non existent script called with --script=all Ron (Apr 28)
  - Re: non existent script called with --script=all DePriest, Jason R. (May 08)
    - Re: non existent script called with --script=all Brandon Enright (May 08)
    - Re: non existent script called with --script=all DePriest, Jason R. (May 11)