Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Nmap Bug
From: David Fifield <david () bamsoftware com>
Date: Fri, 26 Jul 2013 18:36:20 -0700

On Fri, Jun 28, 2013 at 07:07:26AM -0700, avila () ltceng com wrote:
I discovered a nasty bug in nmap while attempting to scan a large
network.  The reverse DNS was being done entirely through the
/etc/hosts file on a Linux RH 6.2 system.  We required the exact
hostname to be returned from nmap via reserve lookup.

The problem was troubleshoot and fixed on nmap version 6.25.  To
correct the problem the source file "nmap_dns.cc" was modified:

#define   HASH_TABLE_SIZE   256

was changed to

#define HASH_TABLE_SIZE    4096

I may go back and change the routine further to make the hash
dynamic but this appears to not fine for our use of nmap.

Thanks for sending this report. Can you tell us what version of Nmap you
were using? I suspect this might have been a bug that was fixed in r7515
in 2008.

That bug caused most IP addresses to end up in the same hash bucket in
little-endian architectures. That wouldn't have prevented entries from
being found in the hash table, though; it only made it slower.

I don't see how your change would have fixed the problem; maybe I don't
understand you correctly?

David Fifield
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
  • Re: Nmap Bug David Fifield (Jul 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]