Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] False timestamp in ssl-date

From: Fyodor <fyodor () nmap org>
Date: Sat, 16 Aug 2014 17:27:02 -0700
On Thu, Aug 7, 2014 at 4:00 PM, <nnposter () users sourceforge net> wrote:


nnposter wrote:

The quick-success clause can be implemented with the additional patch
below (applied on top of the first patch).



Thanks nnposter.  Personally, I like this quick-success version better.
 And I might even give more wiggle room than 5 minutes.  Even if we give
+/- 90 minutes, wouldn't the odds be about one in 400,000 that a random
number would falsely match (1 / ((2 * 90 * 60) / 2^32))?  If this math is
correct, the risk seems pretty immaterial to me.

I do like the idea of doing a 2nd test if we aren't in the range so we can
catch systems with seriously skewed clocks without printing bogus times for
systems which are generating the numbers randomly or using a fixed value,
etc.

Cheers,
Fyodor
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: