Nmap Development: Re: [Bug]? -iR <num_hosts> on windows XP generates duplicate targets

From: Brandon Enright <bmenrigh_at_ucsd.edu>
Date: Thu, 1 May 2008 00:14:17 +0000

On Wed, 30 Apr 2008 18:06:55 -0600
David Fifield <david_at_bamsoftware.com> wrote:

> This seems unstable to me. The IP generator would need its own random
> state to avoid being desynchronized by other things that need random
> numbers, like acknowledgement numbers. Two runs could get out of sync
> after the first scan group, if a different number of retransmits were
> necessary, say.
>
> Even if the IP generator has its own state, you could get different
> results across versions because of different reserved IP ranges.
> That's not so bad, because any IP address that became reserved would
> be omitted in the newer version and replaced by a different IP at the
> end of the list. But it means you couldn't count on the same seed
> giving you the exact same IP addresses.
>
> David Fifield
>

Excellent points which I overlooked. These are fixable but mean
that implementing --seed is not simply dropping a new PRNG into nbase;
a minor re-design of how -iR works is needed.

Not all is lost though, you can always get the list of IPs you scanned
via a little awk/grep/sed of your output file and then use them later
with -iL.

I'm glad someone around here thinks these things through :-p

Brandon

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Apr 30 2008
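
The two points quoted from David Fifield above, modelled as an added example (not Nmap code and not code from this thread): a random-target generator that shares PRNG state with other consumers versus one that has its own state, and the effect of a changed reserved list under a fixed seed. The xorshift32 generator, the simplified reserved ranges, the seed and every function name here are assumptions made for illustration.

```c
/* Added illustration. xorshift32 is a stand-in, not the PRNG nbase uses;
 * the reserved list is simplified and SEED is a constructed sample value. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define N 8
#define SEED 0x12345678u
typedef struct { uint32_t s; } rng_t;
static uint32_t rng_next(rng_t *r) {
    r->s ^= r->s << 13; r->s ^= r->s >> 17; r->s ^= r->s << 5;
    return r->s;
}
/* `extra` is a /8 that a newer version additionally reserves (-1: none). */
static int reserved(uint32_t ip, int extra) {
    int o = (int)(ip >> 24);
    return o == 0 || o == 10 || o == 127 || o >= 224 || o == extra;
}
/* Draw N targets from `ip`. After each one, `noise` unrelated draws (think
 * acknowledgement numbers) come from `misc`, which may alias `ip`. */
static void gen(rng_t *ip, rng_t *misc, int noise, int extra, uint32_t *out) {
    for (int i = 0; i < N; ) {
        uint32_t a = rng_next(ip);
        if (reserved(a, extra)) continue;   /* skip and redraw */
        out[i++] = a;
        for (int k = 0; k < noise; k++) rng_next(misc);
    }
}
/* Same seed, different amounts of unrelated draws: identical target list? */
int reproducible(int dedicated) {
    uint32_t a[N], b[N];
    rng_t ip1 = {SEED}, ip2 = {SEED}, m1 = {99}, m2 = {99};
    gen(&ip1, dedicated ? &m1 : &ip1, 1, -1, a);
    gen(&ip2, dedicated ? &m2 : &ip2, 3, -1, b);
    return memcmp(a, b, sizeof a) == 0;
}
/* Same seed, newer reserved list: how many old targets survive, in order,
 * at the head of the new list (-1 if the head does not match). */
int surviving_prefix(void) {
    uint32_t old[N], cur[N];
    rng_t r1 = {SEED}, r2 = {SEED}, m = {99};
    gen(&r1, &m, 0, -1, old);
    int k = 0, extra = (int)(old[2] >> 24);   /* old[2]'s /8 now reserved */
    gen(&r2, &m, 0, extra, cur);
    for (int i = 0; i < N; i++)
        if (!reserved(old[i], extra) && old[i] != cur[k++]) return -1;
    return k;
}
int main(void) {
    printf("%d %d %d\n", reproducible(0), reproducible(1), surviving_prefix());
}
```

The three numbers printed are, in order: whether the shared-state list reproduced, whether the dedicated-state list reproduced, and how many of the eight original targets remain at the head of the list once one more /8 is reserved.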
