Nmap Development mailing list archives
Rate limit branch for anyone interested
From: David Fifield <david () bamsoftware com>
Date: Mon, 9 Feb 2009 10:30:39 -0700
Hello, When I was working in the nmap-perf branch, one of the things I was not able to find a solution for was rate limit detection: http://seclists.org/nmap-dev/2009/q1/0049.html One of the simple changes that looked promising but wasn't merged was controlling the sending rate based on a maximum send rate, not a fixed delay between probes. Brandon at least said he would like to test out this idea. So I made a branch with just that change: svn co --username guest --password "" svn://svn.insecure.org/nmap-exp/david/nmap-rate-limit Instead of waiting, say, 5 ms between probes, the code will enforce a maximum rate of 200 probes per second. The first time the rate is decreased it will become half of the current sending rate. After that it is halved when necessary. The only exception to this is UDP scans, in which the first rate drop goes directly to 20 probes per second. The benefit of this approach is more granularity in limiting the rate. If you hit a rate limit at 5000 packets per second you will drop down to 2500, not 250 which is what you would get with a 5 ms delay. I don't have any immediate plans for better rate limit detection so I'm not going to be working in the branch. Any committers may feel free to make changes there. This is just an experiment to see how rate limit detection may be improved. If you have any good ideas or testing results, send them in. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Rate limit branch for anyone interested David Fifield (Feb 09)
- Re: Rate limit branch for anyone interested João Medeiros (Feb 10)
- Re: Rate limit branch for anyone interested David Fifield (Feb 11)
- Re: Rate limit branch for anyone interested João Medeiros (Feb 10)