Nmap Development mailing list archives
Re: nse crypto
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sun, 20 Mar 2011 21:00:32 +0200
I have no idea of a good value. Let's change it if someone reports problems. I think echo.nmap.org is the nping server with highest load so we'll probably get informed if it starts failing. On Sun, Mar 20, 2011 at 8:51 PM, Luis MartinGarcia. <luis.mgarc () gmail com> wrote:
On 03/15/2011 01:01 AM, David Fifield wrote:On Tue, Mar 15, 2011 at 01:31:21AM +0200, Toni Ruottu wrote:What amount should we target. A high value might be good for protecting against brute force password cracking, but does it also hinder performance in regular use?I'm not suggesting that we change the nsock_loop timeout. My guess is that the way it works now is unintentional (because the comment doesn't match the code), but the fact that it only allows one password guess per second could be regarded as a feature. It does mean that when connecting normally, you could be delayed up to a second.Hi, The comment is obviously wrong so I've changed it to reflect what the code actually does. However, the code is doing what it's supposed to, which is, doing asynchronous accept()s at the server side. When I implemented the Echo server I found out that Nsock does not provide asynchronous "server-side functions", so I had to introduce a small hack in order to avoid accept() system calls that block the caller (we need this since Nping is mono-threaded and non-forkeable by design). However, Toni, you are right that the code limits incoming connections to a rate of 1 connection per second. I think this is very reasonable, but I'm open for discussion if there is interest on decreasing the timeout value and there are reasons beyond weak password auditing. Regards, Luis MartinGarcia.
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: nse crypto, (continued)
- Re: nse crypto David Fifield (Mar 12)
- Re: nse crypto Toni Ruottu (Mar 12)
- Re: nse crypto Luis MartinGarcia. (Mar 13)
- Re: nse crypto Toni Ruottu (Mar 13)
- Re: nse crypto Patrik Karlsson (Mar 13)
- Re: nse crypto Toni Ruottu (Mar 13)
- Re: nse crypto David Fifield (Mar 14)
- Re: nse crypto Toni Ruottu (Mar 14)
- Re: nse crypto David Fifield (Mar 14)
- Re: nse crypto Luis MartinGarcia. (Mar 20)
- Re: nse crypto Toni Ruottu (Mar 20)
- Re: nse crypto Toni Ruottu (Mar 12)