mailing list archives
RE: NSE loop issue with filtered ports
From: "Thomas Buchanan" <TBuchanan () thecompassgrp net>
Date: Thu, 29 Nov 2007 16:50:51 -0600
From: nmap-dev-bounces () insecure org
[mailto:nmap-dev-bounces () insecure org] On Behalf Of Brandon Enright
Sent: Thursday, November 29, 2007 4:41 PM
To: Thomas Buchanan
Cc: nmap-dev () insecure org; bmenrigh () ucsd edu
Subject: Re: NSE loop issue with filtered ports
Almost certainly. There was a file handle limitation (and
to which Majek and David cooked up solutions that were both
minimum number of parallel NSOCK handles was set to 10 so
that NSE could
still get work done even when the max-parallelism was really low.
Any script that tries to open up more than the
max-parallelism (at least
more than 10) before using them will deadlock.
I suppose there could be other issues too. Can you provide
your script or
at least describe what triggers the issue?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
-----END PGP SIGNATURE-----
I've attached a test script that triggers the issue. It attempts a
single connection to UDP port 1434 (MS SQL monitor), and reads any
reply. Run against <= 10 hosts concurrently things are fine. Run
against > 10 hosts, and nmap gets a little crazy.
The target port doesn't really matter, as long as the port is filtered,
not open or closed. I chose this one for my test script because it was
convenient for me.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org