Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: too many open files
From: Vasiliy Kulikov <segoon () openwall com>
Date: Wed, 2 Nov 2011 23:50:59 +0400

On Wed, Nov 02, 2011 at 20:34 +0100, Patrik Karlsson wrote:
On Wed, Nov 2, 2011 at 7:53 PM, Vasiliy Kulikov <segoon () openwall com> wrote:
NSE: smb-flood: Connection successfully opened
NSE: SMB: Invalid NTLM challenge message: unexpected signature.
NSE: SMB: WARNING: the server appears to be Unix; your mileage may vary.
NSE: SMB: Extended login to as \guest failed, but was given
guest access (username may be wrong, or system may only allow guest)
NSE: smb-flood: Connection successfully opened
Socket troubles: Too many open files
nmap: nsock_core.c:1176: nsp_add_event: Assertion `nse->iod->sd >= 0'
The smb-flood script attempts to perform a DoS against the remote SMB
server by exhausting the remote servers connection limit.
The description states:
"This is *not* recommended as a general purpose script, because a) it
is designed to harm the server and has no useful output, and b) it
never ends (until timeout)."

Based on the code it looks like theres an infinite loop opening new
connections (but not closing them) against the remote server.
So the error message your seeing is the result of your local system hitting
the limit of simultaneously connected sockets.

IMHO "never ends" and "falls after some time because of a local system
limit" are different things.  E.g. I cannot open too many connections
even if I'm a root.  Probably try to raise a limit to UNLIM and
gracefully continue with a some limit at init time?  Or even change
smb-flood's logic not to open MAX_NFILES-100 sockets if we're not


Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]