Nmap Development mailing list archives
Re: Updater Proposal
From: Hani Benhabiles <kroosec () gmail com>
Date: Thu, 26 May 2011 00:39:43 +0100
w3af has an Auto-updater feature. The 1.0 stable version was released today.

On Thu, May 19, 2011 at 5:50 PM, <ricec2 () rpi edu> wrote:

All the discussion so far, as I can see (sorry if I missed anything) is about how to make sure that the whole update process is secure, but I didn't see any discussion on the performance on the update servers that this could have. Currently there are a lot of nmap users out there and when they all start to run the version of nmap that will support autoupdates/upgrades the amount of the traffic generated could be significant. Maybe a thought of a different transport mechanism to spread the load of the updates - torrent for example or something similar. Just an idea to think about.

Thanks for your suggestions. I'm glad this topic has provoked some discussion and I know that Colin is paying attention to your ideas. I've asked Colin not to worry about things like binary diffs and the size of updates for the time being. Those are big topics on their own and I fear that optimizing for them too early will hinder the development of something that works. I think our priorities should be first safety, then performance. This may mean downloading a subset of the available files (but whole files) quite frequently, or downloading all the files somewhat less frequently.

David Fifield

My understanding is that TUF is currently set up so that you only have to download the changed files. What happens is that you connect to a mirror, authenticate for time etc. and then once you are satisfied with the mirror you check hashes? (I'm not completely sure what it uses) and then it will pull all of the newer files that are different and do authentication etc. So while it's not as efficient as it could be it shouldn't be ridiculous except for when the entire world tries to update at once. Setting up TUF to use torrents opens up a giant mess of authentication issues. You could probably rig something up with DHT similar to apt-p2p but it is more of a nice addon for afterwards.

-Colin

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
--
Twitter: @kroosec
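An added example, not part of the thread and not TUF's or Nmap's code: a simplified Python sketch of the "download only the changed files" idea from the quoted message, where local files are compared against trusted per-file lengths and SHA-256 hashes and anything a mirror returns is checked before it is installed. It assumes the metadata dict has already been authenticated (signature and freshness checks are out of scope here); the file names, contents and function names are constructed for illustration.

```python
import hashlib
import hmac

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_metadata(files: dict) -> dict:
    """Publisher side: per-file length and hash (assumed to be signed elsewhere)."""
    return {n: {"length": len(d), "sha256": sha256_hex(d)} for n, d in files.items()}

def files_to_fetch(trusted: dict, local: dict) -> list:
    """Names whose local copy is missing or differs from the trusted metadata."""
    stale = []
    for name, meta in sorted(trusted.items()):
        data = local.get(name)
        if (data is None or len(data) != meta["length"]
                or sha256_hex(data) != meta["sha256"]):
            stale.append(name)
    return stale

def verify_download(name: str, data: bytes, trusted: dict) -> bytes:
    """Accept bytes from an untrusted mirror only if they match the metadata."""
    meta = trusted.get(name)
    if meta is None:
        raise ValueError(f"{name}: not listed in trusted metadata")
    if len(data) != meta["length"]:
        raise ValueError(f"{name}: length mismatch")
    if not hmac.compare_digest(sha256_hex(data), meta["sha256"]):
        raise ValueError(f"{name}: hash mismatch")
    return data

def update(trusted: dict, local: dict, mirror_fetch) -> tuple:
    """Fetch only changed files; install each one only after verification."""
    updated, rejected = [], []
    for name in files_to_fetch(trusted, local):
        try:
            local[name] = verify_download(name, mirror_fetch(name), trusted)
            updated.append(name)
        except ValueError:
            rejected.append(name)  # keep the old copy, try another mirror later
    return updated, rejected

# Constructed sample release and a local install that is one file behind.
RELEASE = {"nmap-services": b"services v2\n", "nmap-os-db": b"os db v1\n",
           "scripts/example.nse": b"-- script v1\n"}
if __name__ == "__main__":
    trusted = make_metadata(RELEASE)
    local = {"nmap-services": b"services v1\n", "nmap-os-db": b"os db v1\n"}
    print(update(trusted, local, lambda n: RELEASE[n]))
```

Because every file is checked against authenticated metadata, the mirror itself does not have to be trusted for file contents, only the metadata does.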