Re: [bug] nexthost: failed to find route to XXX (directly connected, with --randomize-hosts)

[Daniel Miller <bonsaiviking () gmail com>]

On 03/27/2012 11:42 PM, David Fifield wrote:
> That's an interesting case. During the ping scan, is it breaking the
> targets into many tiny little hostgroups because the ones that are
> direct are not contiguous?
I'll check my logs and get back to you on this. I would suspect yes.
> Yes, probably, from a quick look. I only wonder about the tiny little
> hostgroups and if we should do something about that
I wonder how much extra memory it would take to have a "hostgroup in 
reserve" to which the odd-ones-out get added until they reach the 
min-hostgroup size? You could conceivably have a lot of hostgroups, but 
usually not more than 2 for a single target expression (since that would 
have to be the same address family). I can imagine odd cases with 
multiple interface names or source addresses, but I would hazard a guess 
that would be very uncommon.
> I don't understand. I thought that was exactly the problem: a CIDR range
> that includes both direct and non-direct targets
The bug is happening during a vulnerability assessment, and I'm not free 
to play around and test it out. I can examine the results I got (logged 
all output with -v during the scan), but I can't copy-paste because of 
NDA issues. I'm having trouble replicating a similar environment to do 
the test on. But, yes, that is my assumption of the problem.

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/