Nmap Development mailing list archives

[RFC] Basing timeouts in NSE on host.times.timeout


From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 31 Jul 2014 23:00:16 -0500

List,

Right now, there are several sources of default timeouts on socket
operations within NSE:

* A socket created by nmap.new_socket() has a timeout of 30 seconds
* The sockets used in the comm.lua library have 8-second timeouts
* Of all the calls to set_timeout, a plurality (44%) are 5 seconds, with
the remaining 56% evenly split between 10 seconds and other times (ranging
from 10ms to 50s)

In a large number of these cases (portrule and hostrule scripts), the
socket is intended to communicate with a port on a host for which Nmap
already has a timeout calculated, reported via the host.times.timeout
variable. It seems to me like a lot of these timeouts could be replaced
with:

--was: socket:set_timeout(8000)
socket:set_timeout(((host.times and host.times.timeout) or 8) * 1000)

Obviously this would not work for prerule, postrule, or external scripts.
But I think it's probably a huge improvement over the default 30-second
timeout!

Does anyone have thoughts or concerns regarding this approach?

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
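
The replacement proposed in the message above, written out as an added example (not part of the original post and not Nmap's own code). The helper name socket_timeout_ms and the 500 ms floor and 30 s ceiling are assumptions made for illustration; the host tables are constructed so the block runs in a plain Lua interpreter without Nmap.

```lua
-- Added example: derive a socket timeout from host.times.timeout.
-- host.times.timeout is in seconds; socket:set_timeout() takes milliseconds.
local DEFAULT_S = 8      -- fallback used in the post (comm.lua's 8 seconds)
local MIN_MS    = 500    -- assumed floor, so a very fast LAN estimate does not
                         -- cut off a slow application-layer reply
local MAX_MS    = 30000  -- assumed ceiling: the nmap.new_socket() default

-- Hypothetical helper. `host` is the table NSE passes to portrule and
-- hostrule scripts; prerule and postrule scripts have none, so nil is allowed.
local function socket_timeout_ms(host, default_s)
  default_s = default_s or DEFAULT_S
  local secs = (host and host.times and host.times.timeout) or default_s
  local ms = math.floor(secs * 1000 + 0.5)
  if ms < MIN_MS then ms = MIN_MS end
  if ms > MAX_MS then ms = MAX_MS end
  return ms
end

-- Constructed host tables covering the cases the post distinguishes.
local samples = {
  { name = "LAN host",          host = { times = { timeout = 0.1 } } },
  { name = "WAN host",          host = { times = { timeout = 1.25 } } },
  { name = "slow host",         host = { times = { timeout = 45 } } },
  { name = "no timing data",    host = {} },
  { name = "prerule (no host)", host = nil },
}

for _, s in ipairs(samples) do
  print(string.format("%-18s -> %5d ms", s.name, socket_timeout_ms(s.host)))
end

-- Inside a portrule or hostrule script the call would read:
--   socket:set_timeout(socket_timeout_ms(host))
```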

