Andy Smith wrote:
> It is possible that it will not work for Windows XP with SP2.
>
> Regards,
> Andy
>
Yah, this'll do bad things to SP2. I think the problem is the time
spent ARPing. This could be due to the ARP change for SP2 (which I
haven't actually looked at) or to the queue lengths in pcapsend.c. I'm
guessing it's the former, since the latter hasn't changed AFAIK.
I'll hack something up to try and fix this for real. It may be a rather
drastic change -- the current scheme we use for ARP is bad in the
presence of the firewall. We currently have the main thread dump
pending packets into a queue which is serviced by a second thread that
polls the cache. This isn't so bad (other than polling latency), except
that, with the firewall up, there is no way that I know of to
asynchronously ARP for something in such a way that the firewall will
accept the reply. So the ugly fix for 3.70 is to use SendARP, which is
synchronous. It's possible that SIO_FIND_ROUTE will do it, but I'm not
sure. Otherwise, we could just implement our own ARP listener, which
would get the inbound ARPs (matched to the outbound, I suppose), and add
them into the cache. It would also eliminate the latency.
Bleh.
OTOH, it's possible that a spoofed raw send (which SP2 drops) would
still trigger the ARP. That's a truly awful hack, but it would be easy.
--Andy
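The listener design sketched above (take inbound ARP replies, match them to the requests we sent, add them to the cache) as an added example, not nmap's own code from pcapsend.c: a solicited-only cache in C that drops replies nobody asked for, with the struct layout, function names and the constructed reply frame in the test all assumed for illustration.

```c
#include <stdint.h>
#include <string.h>
#define ARP_CACHE_SIZE 16
#define ETH_HDR_LEN 14   /* dst MAC, src MAC, EtherType; ARP body is 28 bytes after it */
struct arp_entry { uint32_t ip; uint8_t mac[6]; int valid; };

/* Resolved entries plus the IPs we have requested and not yet heard back on. */
struct arp_cache { struct arp_entry entries[ARP_CACHE_SIZE]; uint32_t pending[ARP_CACHE_SIZE]; int npending; };

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Sender side: record that a request for ip has gone on the wire. */
void arp_mark_pending(struct arp_cache *c, uint32_t ip) {
    for (int i = 0; i < c->npending; i++) if (c->pending[i] == ip) return;
    if (c->npending < ARP_CACHE_SIZE) c->pending[c->npending++] = ip;
}

/* Listener side: returns 1 if frame is an ARP reply answering a pending request
 * and has been added to the cache; unsolicited or malformed frames return 0. */
int arp_handle_frame(struct arp_cache *c, const uint8_t *frame, size_t len) {
    if (len < ETH_HDR_LEN + 28) return 0;
    if (frame[12] != 0x08 || frame[13] != 0x06) return 0;       /* EtherType 0x0806 = ARP */
    const uint8_t *arp = frame + ETH_HDR_LEN;
    static const uint8_t want[8] = {0,1, 8,0, 6, 4, 0,2};         /* htype eth, ptype IPv4, hlen, plen, op reply */
    if (memcmp(arp, want, sizeof want) != 0) return 0;
    uint32_t sender_ip = be32(arp + 14);                         /* spa: the host we asked about */
    int idx = -1;
    for (int i = 0; i < c->npending; i++) if (c->pending[i] == sender_ip) { idx = i; break; }
    if (idx < 0) return 0;                                       /* nobody asked for this: drop it */
    c->pending[idx] = c->pending[--c->npending];
    int slot = -1;                                               /* reuse an entry for this IP, else first free */
    for (int i = 0; i < ARP_CACHE_SIZE; i++) {
        if (c->entries[i].valid && c->entries[i].ip == sender_ip) { slot = i; break; }
        if (!c->entries[i].valid && slot < 0) slot = i;
    }
    if (slot < 0) return 0;
    c->entries[slot].ip = sender_ip;
    memcpy(c->entries[slot].mac, arp + 8, 6);                    /* sha: the answering MAC */
    c->entries[slot].valid = 1;
    return 1;
}

int arp_lookup(const struct arp_cache *c, uint32_t ip, uint8_t mac_out[6]) {
    for (int i = 0; i < ARP_CACHE_SIZE; i++)
        if (c->entries[i].valid && c->entries[i].ip == ip) { memcpy(mac_out, c->entries[i].mac, 6); return 1; }
    return 0;
}
```

Because only replies that match an outstanding request are cached, a stray or spoofed reply cannot poison the table, and the sender thread no longer has to poll: the listener fills the entry as soon as the reply arrives.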
---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help@insecure.org . List archive: http://seclists.org
Received on Oct 04 2004