On 30/04/2008 22:44, Brandon Enright wrote:
> The end result of all of this is that Nmap can only make 11215879
> unique IPs and that if you pass a number greater than about 64M to -iR
> you should be able to generate all of them. I have generated a list of
> 100M several times and confirmed that it always produces the same
> 11215879 unique IPs.
That's incredible. And particularly poor. Nice find!
> The other (not mutually-exclusive) option available to us is to
> implement our own PRNG using Mersenne Twister or some other
> high-quality PRNG. This has a few advantages over what we have right
> now:
>
> * Even if OpenSSL isn't compiled in, we'll still have a good RNG source
>
> * We could implement a --seed option to generate the *same* set of IPs
> across all operating systems Nmap runs on
>
> * There is a big coolness factor associated with quality PRNGs ;-)
> ...
> If anyone thinks --seed would be useful now is the time to chime in!
--seed would surely be useful when testing stuff and needing to reuse
the same random targets. MT can be made cryptographically secure too,
according to the blurb
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html
so there could be both options even without OpenSSL?
jah
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Apr 30 2008
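
Added example (not part of the thread and not Nmap's code): a Python sketch of the two points discussed above, a --seed style reproducible target list drawn from Mersenne Twister (CPython's random.Random) and a unique-output count that shows how a generator with too little state saturates. The names seeded_targets, ToyLCG and unique_outputs are hypothetical, and the 16-bit LCG is a constructed stand-in, not the generator behind the 11215879 figure.

```python
import ipaddress
import random


def seeded_targets(seed, count):
    """Return `count` random public IPv4 addresses; same seed, same list."""
    rng = random.Random(seed)  # CPython's random.Random is MT19937
    out = []
    while len(out) < count:
        addr = ipaddress.IPv4Address(rng.getrandbits(32))
        if addr.is_global:  # skip private, loopback, multicast, reserved
            out.append(str(addr))
    return out


class ToyLCG:
    """Constructed weak generator with only 16 bits of state."""

    def __init__(self, seed):
        self.state = seed & 0xFFFF

    def next32(self):
        # Full-period LCG mod 2**16; the 32-bit output depends on state alone,
        # so at most 65536 distinct values can ever come out.
        self.state = (self.state * 25173 + 13849) & 0xFFFF
        return (self.state * 0x9E3779B1) & 0xFFFFFFFF


def unique_outputs(next32, draws):
    """Count distinct 32-bit values seen in `draws` calls to next32()."""
    return len({next32() for _ in range(draws)})


if __name__ == "__main__":
    # Reproducibility: the property a --seed option would give
    print(seeded_targets(2008, 5) == seeded_targets(2008, 5))

    # Saturation check: draw far more values than the weak state can produce
    draws = 200_000
    mt = random.Random(2008)
    print("MT19937 unique:", unique_outputs(lambda: mt.getrandbits(32), draws))
    print("ToyLCG  unique:", unique_outputs(ToyLCG(2008).next32, draws))
```

random.Random is not a cryptographic generator; it is used here only for its reproducibility and long period.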