Nmap Development mailing list archives

Re: [Bug]? -iR <num_hosts> on windows XP generates duplicate targets


From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 01 May 2008 21:33:18 -0500

Brandon Enright wrote:
> Finally, one thing that hasn't been addressed in this patch is that on
> *nix, Nmap first tries "arandom" and then "urandom" before trying
> "random".  If a box doesn't offer [au]random but does offer random Nmap
> will block -- /dev/random doesn't provide randomness as fast as Nmap
> uses it.  The use of /dev/random should be dropped in favor of falling
> back on rand() or in the future, OpenSSL.


Per your suggestion of OpenSSL, this is a 4.20ALPHA4 CHANGELOG entry:

o Nmap no longer gets random numbers from OpenSSL when it is available
  because that turned out to be slower than Nmap's other methods
  (e.g. /dev/urandom on Linux, /dev/arandom on OpenBSD, etc.).  Thanks
  to Marek Majkowski for reporting the problem.

WRT to the /dev/random hanging, I see what you mean!  I edited
nbase_rnd.c and Nmap immediately hangs and strace confirms it's from a
read(/dev/random).

But what are the odds of you mentioning this hanging so soon after this
(bit hostile) email[1] which mentions the exact behavior Nmap exhibits
when I only use /dev/random?  Apparently his Linux box doesn't have
urandom (or it's a very strange coincidence since I've never had Nmap
just hang immediately for any other reason..)

Given the options of /dev/random, rand() and OpenSSL, it looks like
rand() may be the answer since random hangs and OpenSSL was slow.

> Good find.
>
> Brandon


Thanks,
Kris Katterjohn

[1] http://seclists.org/nmap-dev/2008/q2/0182.html
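
The fallback order discussed in this thread, as an added example that is not part of the original message and is not Nmap's nbase_rnd.c: devices are opened non-blocking so a drained source cannot hang the caller, and rand() is the last resort. The name `fill_random` and its signature are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <unistd.h>

/* Hypothetical helper, not Nmap's nbase_rnd.c. Fills buf from the first
 * path that yields len bytes without blocking. Returns the index of the
 * path used, or -1 when it fell back to rand(). */
int fill_random(unsigned char *buf, size_t len,
                const char *const *paths, size_t npaths)
{
    static int seeded;

    for (size_t i = 0; i < npaths; i++) {
        /* O_NONBLOCK: a drained blocking device returns EAGAIN, no hang. */
        int fd = open(paths[i], O_RDONLY | O_NONBLOCK);
        if (fd < 0)
            continue;               /* device missing on this platform */
        size_t got = 0;
        while (got < len) {
            ssize_t n = read(fd, buf + got, len - got);
            if (n > 0)
                got += (size_t)n;
            else if (n < 0 && errno == EINTR)
                continue;
            else
                break;              /* EAGAIN, EOF or error: next source */
        }
        close(fd);
        if (got == len)
            return (int)i;
    }
    /* Last resort: rand() is fast and never blocks, but is predictable.
     * Acceptable for picking scan targets, not for keys or tokens. */
    if (!seeded) {
        srand((unsigned)time(NULL) ^ (unsigned)getpid());
        seeded = 1;
    }
    for (size_t i = 0; i < len; i++)
        buf[i] = (unsigned char)(rand() & 0xff);
    return -1;
}

int main(void)
{
    const char *const paths[] = { "/dev/arandom", "/dev/urandom" };
    unsigned char buf[16];
    int src = fill_random(buf, sizeof buf, paths, 2);
    printf("source: %s\n", src < 0 ? "rand()" : paths[src]);
    return 0;
}
```

A return value of -1 is worth logging, since it means the output came from a predictable generator.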
