Home page logo
/

nmap-dev logo Nmap Development mailing list archives

RE: NSE / nsock library questions
From: "Thomas Buchanan" <TBuchanan () thecompassgrp net>
Date: Thu, 22 May 2008 19:18:10 -0500

-----Original Message-----
From: Eddie Bell [mailto:ejlbell () gmail com] 
Sent: Thursday, May 22, 2008 4:06 PM
To: Thomas Buchanan
Cc: nmap-dev
Subject: Re: NSE / nsock library questions

I remember this coming up before,

http://seclists.org/nmap-dev/2007/q2/0319.html

As doug points out, it is possible but will play havoc with 
the parallelization

- eddie


Eddie,

Thanks for the pointer.  I can definitely see where multiple scripts
waiting to bind the same originating port could cause some serious
resource contention.  

I wonder, though, if it would make sense to implement a function that
creates outbound connections from so-called privileged ports, without
trying to specify what that port might be.  There are a still a number
of network services that just won't talk to clients from unprivileged
ports. 

Even if we restrict ourselves to the top half of the privileged port
range to avoid contention with common network services, we still have
over 500 ports to choose from.  Since NSE defaults to a limit of 10
concurrent connections, we shouldn't have to worry too much about
resource contention.  Perhaps something to think about, at least.

Anyway, I think for now I'll look at other options for my rsh-based
discovery script.

Thanks,

Thomas

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault