Nmap Development mailing list archives
Re: Speeding up scans that are slow due to wrong rate limiting detection
From: David Fifield <david () bamsoftware com>
Date: Wed, 6 Aug 2014 02:48:19 -0700
On Thu, Jul 31, 2014 at 01:48:09PM +0200, Jacek Wielemborek wrote:
I had this conversation with David and later with Daniel and I wanted to spark up more discussion here now. About a month ago, I discovered by mistake that it is possible for Nmap to slow down to a ridiculous pace when the rate limiting detection (RLD) algorithm detects enough drops, which can happen on longer scans [1]. After discussing this with other developers, here are possible solutions to this problem: 1. Fix the rate limiting detection algorithm. I heard that David tried that and it turned out to be too dificult due to scan_engine.cc complexity (and from what I already learned about this file, I can definitely believe that).
It's not really because of code complexity (though code complexity doesn't help); it's because I didn't know of a good algorithm to replace it with. I tried a few things I thought of, and none of them worked better. Apparently I did a bunch of digging into the subject back in the day: http://seclists.org/nmap-dev/2009/q1/49 David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Speeding up scans that are slow due to wrong rate limiting detection Jacek Wielemborek (Jul 31)
- Re: Speeding up scans that are slow due to wrong rate limiting detection David Fifield (Aug 06)