Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [Bug]? -iR <num_hosts> on windows XP generates duplicate targets
From: Fyodor <fyodor () insecure org>
Date: Wed, 23 Apr 2008 18:14:53 -0700

On Thu, Apr 24, 2008 at 01:15:36AM +0100, jah wrote:

With nmap -n -sL -iR 500 I find there's an average (mean) of 143
duplicate targets generated (std. deviation approx 5).

Wow, I can reproduce the same thing on Windows.  I used this command
under cygwin to count the number of uniq IPs for a given -iR size:

nmap -n -sL -iR NNN | egrep '^Host ' | sort | uniq | wc

Wher 'NNN' is replaced with the number of hosts to try.  Here are the
results:

100 -> 100
200 -> 200
300 -> 300
400 -> 348
500 -> 359
600 -> 352
700 -> 356
800 -> 430
900 -> 528
1000 -> 646

So these are about the same results as you saw.  This is Windows XP
SP2 running on VMWare using our stock 4.60 binary.  I tried the same
command on Linux and much more expected and proper numbers:

1000 -> 1000
10000 -> 10000
100000 -> 100000
500000 -> 499958

Something is broken or poorly implemented in either Windows' rand() or
the way Nmap is using it.

I'd be very interested to know if anyone else can reproduce the issue
and any pointers to where I might look next.

I'm not sure, but please let us know if you figure this out.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]