Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: too many open files
From: Patrik Karlsson <patrik () cqure net>
Date: Wed, 2 Nov 2011 20:34:24 +0100

On Wed, Nov 2, 2011 at 7:53 PM, Vasiliy Kulikov <segoon () openwall com> wrote:

On Wed, Nov 02, 2011 at 19:11 +0100, Henri Doreau wrote:
Hi,

2011/11/2 Vasiliy Kulikov <segoon () openwall com>:
Does this same thing happen using this branch?

svn checkout svn://svn.insecure.org/nmap-exp/henri/nmap-nsengines

This branch is not compilable:

nmap-nsengines$ make clean && ./configure && LANG=C make

the different SVN externals were not consistent with each other
anymore. I have updated the branch with the latest revision of /nmap.
It should be ok now.

Yes, it compiles.  It fails almost the same way, but without core dump:

...
NSE: smb-flood: Connection successfully opened
NSE: SMB: Invalid NTLM challenge message: unexpected signature.
NSE: SMB: WARNING: the server appears to be Unix; your mileage may vary.
NSE: SMB: Extended login to 127.0.0.1 as \guest failed, but was given
guest access (username may be wrong, or system may only allow guest)
NSE: smb-flood: Connection successfully opened
Socket troubles: Too many open files
nmap: nsock_core.c:1176: nsp_add_event: Assertion `nse->iod->sd >= 0'
failed.
$

--
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing
environments
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


The smb-flood script attempts to perform a DoS against the remote SMB
server by exhausting the remote servers connection limit.
The description states:
"This is *not* recommended as a general purpose script, because a) it
is designed to harm the server and has no useful output, and b) it
never ends (until timeout)."

Based on the code it looks like theres an infinite loop opening new
connections (but not closing them) against the remote server.
So the error message your seeing is the result of your local system hitting
the limit of simultaneously connected sockets.

//Patrik

-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]