Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Service Scan (-sV) Performance Tests

From: Patrick Donnelly <batrick () batbytes com>
Date: Mon, 3 Aug 2009 19:42:49 -0600
After the NSE Performance tests that were recently done [1,2], it was
decided to also test the performance of the service scanner because
its socket use restrictions were very similar to NSE. The service
scanner has a hard cap on the number of sockets used based on the
max-parallelism, min-parallelism and the timing level. Generally the
parallelism will not exceed 10 for most scans (-T3) and will cap at 20
for -T5 scans.

I have attached graphs showing the performance results of service
scanning with various sizes of host groups (all "popular" web
servers). You will notice that the curves are the same form as those
generated for the NSE tests, an exponential decay. Also, it is
interesting to observe that for all the graphs, the total scan time
approaches a value of around 70 seconds -- despite the host group size
doubling, the total scan time remains approximately the same for very
high parallelism. One can conclude from these tests (like the tests
done for NSE) that a dynamic system for increasing the parallelism
would be very desirable to improve overall scan time.


The bash script used to run the tests is version_perf. You can (and
please do) run the tests for comparison (you will need octave and
lua):

batrick@host:~/nmap/svn/nmap$ mkdir version_results
batrick@host:~/nmap/svn/nmap$ # cp top-10kto11k-ips.txt to current directory
batrick@host:~/nmap/svn/nmap$ ./version_perf run version_results
batrick@host:~/nmap/svn/nmap$ ./version_perf times version_results
batrick@host:~/nmap/svn/nmap$ for mfile in $(echo *.m); do octave $mfile; done

The graphs will be in your current directory.


[1] http://seclists.org/nmap-dev/2009/q3/0143.html
[2] http://seclists.org/nmap-dev/2009/q3/0160.html

-- 
-Patrick Donnelly

"Let all men know thee, but no man know thee thoroughly: Men freely
ford that see the shallows."

- Benjamin Franklin

Attachment: Version_Results.tar.gz
Description: 


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: