Re: Tudor's Status Report - #7 of 17

[Daniel Miller <bonsaiviking () gmail com>]

Is there a way that we could write a test script for this sort of thing
(testing performance with massive parallelism)? I imagine it would go
something like this:

1. Remove or increase parallelism limits for NSE. If this is compiled-in,
it should be a configurable #define in a header file.

2. The main script spawns threads as fast as possible without limit,
keeping track of how many threads per second are allowed by the engine
(allowed to start? or maybe how fast they finish?)

3. Each thread performs some discrete operation like a simple HTTP GET
(without using http.lua, since that would introduce pipelining and caching
which would interfere) against a service that can be shown not to be the
limiting factor. An nginx or lighttpd server on a gigabit or better
connection would do, since it should be able to handle tens of thousands of
concurrent connections.

4. The debug output could be consumed by some sort of graphing software to
show how each engine scales.

5. After 10 minutes or so, stop the test.

Dan

On Mon, Jun 13, 2016 at 5:15 PM, Tudor-Emil COMAN <
tudor_emil.coman () cti pub ro> wrote:

> Hello,
>
>
> I accidentally sent the report before I finished it, sorry.
>
> This week I didn't get to finish the SSL integration for engine_iocp and I
> hope to finish it by next week.
>
>
> Accomplishments:
>
> - Did a stress test by using the ftp-brute NSE script to make a lot of
> traffic to try and guess a password on a vsftpd server I configured inside
> a VM. Engine_iocp works on par with the other engines and didn't cause much
> trouble there however I couldn't illustrate a performance boost due to
> parallelism probably because requests are made on the same connection.
>
> - Brandon has been really nice and got me a Windows Server from where to
> conduct some mass scans(because my ISP may cause me problems if I scan from
> here).
>
> I discovered a weird bug where if you scan multiple targets the scan will
> get stuck. I have tried to find the cause but so far I have been
> unsuccessful this is definitely a priority.
>
>
> Priorities:
>
> - Finish SSL.
>
> - Fix the multiple targets bug on engine_iocp.
>
> - Do some relevant measurements with Brandon's server.
>
>
>
> Cheers,
>
> Tudor
>
>
>
> ------------------------------
> *From:* Tudor-Emil COMAN
> *Sent:* Tuesday, June 14, 2016 1:09:47 AM
> *To:* dev () nmap org
> *Subject:* Tudor's Status Report - #7 of 17
>
>
> Hello,
>
>
> This week I didn't get to finish the SSL integration for engine_iocp and I
> hope to finish it by next week.
>
>
> Accomplishments:
>
> - Did a stress test by using the ftp-brute NSE script to make a lot of
> traffic to try and guess a password on a vsftpd server I configured inside
> a VM. Engine_iocp works on par with the other engines and didn't cause much
> trouble there however I couldn't illustrate a performance boost due to
> parallelism probably because.
>
> - Brandon has been really nice and got me a Windows Server from where to
> conduct some mass scans(because my ISP may cause me problems if I scan from
> here).
>
>
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/