RE: NSE loop issue with filtered ports

> -----Original Message-----
> From: nmap-dev-bounces_at_insecure.org
> [mailto:nmap-dev-bounces_at_insecure.org] On Behalf Of Brandon Enright
> Sent: Thursday, November 29, 2007 4:41 PM
> To: Thomas Buchanan
> Cc: nmap-dev_at_insecure.org; bmenrigh_at_ucsd.edu
> Subject: Re: NSE loop issue with filtered ports
>
>
> Almost certainly. There was a file handle limitation (and
> thrashing) issue
> to which Majek and David cooked up solutions that were both
> applied. A
> minimum number of parallel NSOCK handles was set to 10 so
> that NSE could
> still get work done even when the max-parallelism was really low.
>
> Any script that tries to open up more than the
> max-parallelism (at least
> more than 10) before using them will deadlock.
>
> I suppose there could be other issues too. Can you provide
> your script or
> at least describe what triggers the issue?
>
> Brandon
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
>
> iD8DBQFHTz/9qaGPzAsl94IRAvzpAJ4/LxB7lo8SToQH2Mj1rOrZrdzRlQCggfZq
> FSnowo5UK18XOJ9cjZTKrS4=
> =gWEw
> -----END PGP SIGNATURE-----
>

I've attached a test script that triggers the issue. It attempts a
single connection to UDP port 1434 (MS SQL monitor), and reads any
reply. Run against <= 10 hosts concurrently things are fine. Run
against > 10 hosts, and nmap gets a little crazy.

The target port doesn't really matter, as long as the port is filtered,
not open or closed. I chose this one for my test script because it was
convenient for me.

Thomas

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org