Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] nmap timing info for scripts
From: jah <jah () zadkiel plus com>
Date: Tue, 17 Jun 2008 00:06:33 +0100
On 14/06/2008 01:32, Fyodor wrote:

Sounds good, except I don't think we need a mathetical model for the
6 timeout values.  How about:

Connection timeouts:
T0-T3: 10s
T4-T5: 5s

GET request read timeouts:
T0-T3: 15s
T4: 10s
T5: 7s

Hi,

nmap_timing() isn't currently working because the nmap_timing field has
been added to nmap lib registry in nse_nmaplib.cc, but it's in a
commented-out section.  I've attached nse_nmaplib.cc.patch in case this
hasn't been done for a reason.
http.lua.patch will add (against current svn and when nmap_timing() is
working) a function to get default timeout values as per Fyodor's
suggestion and sets a timeout (when none is specified in the options
table) for both the connect()  and send() functions.
I've done a few tests and it looks OK.

Regards,

jah


--- http.lua.orig       2008-06-16 22:18:49.843750000 +0100
+++ http.lua    2008-06-16 23:33:09.406250000 +0100
@@ -85,12 +85,19 @@
 
   local result = {status=nil,header={},body=""}
   local socket = nmap.new_socket()
+  local default_timeout = {}
   if options.timeout then
     socket:set_timeout( options.timeout )
+  else
+    default_timeout = get_default_timeout( nmap.timing_level() )
+    socket:set_timeout( default_timeout.connect )
   end
   if not socket:connect( host, port, protocol ) then
     return result
   end
+  if not options.timeout then
+    socket:set_timeout( default_timeout.request )
+  end
   if not socket:send( data ) then
     return result
   end
@@ -147,3 +154,18 @@
 
 end
 
+get_default_timeout = function( nmap_timing )
+  local timeout = {}
+  if nmap_timing >= 0 and nmap_timing <= 3 then
+    timeout.connect = 10000
+    timeout.request = 15000
+  end
+  if nmap_timing >= 4 then
+    timeout.connect = 5000
+    timeout.request = 10000
+  end
+  if nmap_timing >= 5 then
+    timeout.request = 7000
+  end
+  return timeout
+end
\ No newline at end of file

--- nse_nmaplib.cc.orig 2008-06-14 20:35:11.359375000 +0100
+++ nse_nmaplib.cc      2008-06-16 23:02:56.109375000 +0100
@@ -99,6 +99,7 @@
     {"debugging", l_get_debugging},
     {"have_ssl", l_get_have_ssl},
     {"fetchfile", l_fetchfile},
+    {"timing_level", l_get_timing_level},
     {NULL, NULL} 
   };
 


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]