Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [Bug]? -iR <num_hosts> on windows XP generates duplicate targets
From: doug () hcsw org
Date: Thu, 1 May 2008 23:49:47 -0700

On Fri, May 02, 2008 at 05:50:16AM +0000 or thereabouts, Brandon Enright wrote:
Most people assume that /dev/random can be used for the latter.  The
kernel devs assume (and by design, force) it to be used only for the
former.

Yes you have a good point that the names of /dev/random and /dev/[ua]random
should be swapped even if only so the most commonly used symbols have the
shortest lengths. :)

Thanks for the ISSAC and DNET/ARC4 pointer.  I'd feel better using one
of these than the LCG I suggested anyways.  I'll probably end up
working with the DNET PRNG as it's already there and it's well tested.

Oops I always screw that up, it's called ISAAC not ISSAC. Using
dnet sounds like an excellent plan. I used it in nuff and had no problems:

http://hcsw.org/nuff/security.html#section.4

Dnet is such a great library that it's disappointing to hear it isn't
actively maintained anymore. Maybe Nmap should step up? ndnet?

We've stretched this thread pretty thin by now -- nobody said
nmap-dev couldn't have a bunch of random chatter :-)

Haha yes it suits the thread. Still, random numbers are worth
doing right. Using a good PRNG for all purportedly random values
will definitely pay off. I remember writing QuickBASIC games (back
when I used proprietary software) that displayed "random patterns"
that looked similar to the plots on your website. See the stars in the
background and the blood splatters here:

http://hcsw.org/olddos/chainsaw/screen1.gif

Doug

PS. I bet you could fingerprint port scanners by the LCGs they use. Lame
scanners do either sequential scans or the rand(3) plot style line
pattern "randomness", but the Nmap users get teh l33t arandomz/dnetz ;)!1z..

Attachment: signature.asc
Description: Digital signature


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]