Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Studying nmap using strace
From: James Rogers <jamesmrogers () gmail com>
Date: Fri, 4 May 2012 21:11:03 -0400

Used strace to see what was going on under the hood with the nmap command:

sudo strace -o ../output00001.txt ./nmap -n -p 8080 localhost --reason
--packet-trace

The result file is huge and I am going to keep annotating it for the
next few days, so I put it over on my blog:

http://mystry-geek.blogspot.com/2012/05/analyzing-nmap-using-strace.html

Don't want to send huge messages to the mailing list.  I clipped off
the library loading done at the beginning, just going to turn this
into a list of libraries we load.

It is very interesting to see how nmap is looking for many config
files.  This might be an area to optimize, because it does seem to
take a while to load in all these files.

Performing the actual scan of this single host is done in just a few
calls at the end of everything and is only a small fraction of the
time nmap is running.

I colorized the stream numbers at the end to tie together the calls.

Tomorrow I am going to follow this through with the debugger  and the
lxr database I have built to get a feel for where in the code base
each of these functions occurs.

All of this is very amazing code.  I am learning a lot about
networking that I never knew before, and I did application programming
for several years.  I feel privileged to be helping everyone out!

Thanks,
James
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • Studying nmap using strace James Rogers (May 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault