Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: nmap snmp scanning
From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 20 Dec 2011 15:11:20 +0100

On Tue, Dec 20, 2011 at 3:03 PM, Duarte Silva
<duarte.silva () serializing me>wrote:

Hi Patrik,

didn't know that. Over the weekend I will setup different SNMP "providers"
to
test the original script against and observe what should be the expected
behaviour, because I have been testing against the JVM SNMP monitoring
facility and the old script wasn't working very well (as I come to think
about
it, maybe it was because I was running the script against my own machine,
localhost).

Thanks for the feedback,
Duarte

On Monday 19 December 2011 23:24:14 Patrik Karlsson wrote:
On Sun, Dec 18, 2011 at 7:19 PM, Duarte Silva

<duarte.silva () serializing me>wrote:
Hello,

this is a very intial rewrite of the snmp-brute.nse script. As such, it
needs loads of testing. Some stuff is still missing but I wanted some
feedback.

Regards,
Duarte Silva

Hi Duarte,

I've looked over the new script and have a concern with the design
change,
as one of the goals of the new snmp-brute script was to increase
speed. This was achieved by having one thread sending requests out and
another thread listening with a pcap socket. As we're dealing with UDP
and
a service that doesn't respond, unless we have the right community, this
design successfully made the script a lot faster than the initial
version.
So I think we should try to address the issues we're seeing while keeping
the current design.

Cheers,
Patrik


Hi again,

You make a valid point. I was also experiencing some trouble with the
current version when running against one of my virtual machines
(Virtualbox), even though the interface was in bridged mode. The problem is
that, for some reason, in Mac Os X libpcap fails to see packets on the host
interface. Not sure whether this is a big enough problem to care about?

I'm guessing that an alternative approach could be to set a very short
timeout on the socket (like 1ms) and do a recv on it each time a request is
sent, then make sure to do a number of receives for a certain amount of
time after the last request was sent. That could work and possibly allow us
to maintain the increased speed we have with the current design. But like I
said, I'm not sure it's worth it.

Cheers,
Patrik

-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault