Nmap Development mailing list archives
Re: NSE HTTP Pipeline implementation
From: Patrick Donnelly <batrick () batbytes com>
Date: Tue, 4 Aug 2009 16:33:45 -0600
On Tue, Aug 4, 2009 at 1:28 PM, David Fifield<david () bamsoftware com> wrote:
On Tue, Aug 04, 2009 at 03:50:35AM -0300, Joao Correa wrote:My second experiment was applying pipeline to http-enum.nse, which makes 41 requests. The first thing I could notice is that the original http-enum.nse (without pipeline) performed better. The problem is that pipelined requests rely on connections with keep-alive, what means that the server will not close the connection once the data transference is complete, it will wait for another request until the connection times out. As we are performing only a small number of requests, the defaults http.lua timeout values started being too heavy. I've decreased the timeout number manually, and so I could notice that the scans started running much faster. With timeout set to 3 seconds, all the tests I've performed with pipeline were, at least, equal in timing to the test without pipelining. I believe that decreasing the timeout might not be the best solution. I'm thinking about writing a request function that is aware about the number of pipelined requests made, and that is able to count the number of requests received, being able to identify the when all the responses were received and that it is possible to send new requests. I believe that this approach will also make better use of the open socket, not trying to use a new one when the pipeline limit is reached.Are you sending Connection: close with the last pipelined request? The server should not be holding the connection open after a Connection: close.
Shouldn't closing the connection on the client side be sufficient? -- -Patrick Donnelly "Let all men know thee, but no man know thee thoroughly: Men freely ford that see the shallows." - Benjamin Franklin _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NSE HTTP Pipeline implementation Joao Correa (Aug 03)
- Re: NSE HTTP Pipeline implementation David Fifield (Aug 04)
- Re: NSE HTTP Pipeline implementation Patrick Donnelly (Aug 04)
- Re: NSE HTTP Pipeline implementation doug (Aug 05)
- Re: NSE HTTP Pipeline implementation Joao Correa (Aug 05)
- Re: NSE HTTP Pipeline implementation Joao Correa (Aug 09)
- Re: NSE HTTP Pipeline implementation Joao Correa (Aug 05)
- Re: NSE HTTP Pipeline implementation David Fifield (Aug 04)