orjanj / nmap-pkg-generation-analysis

Framework for synthetic packet generation and characterization of Nmap scans
GNU General Public License v2.0

tcpdump tasks hanging bug #31

Open orjanj opened 2 years ago

orjanj commented 2 years ago

Some tasks are hanging when monitoring active TCP dumps compared to Nmap scans. Example for monitoring ongoing Nmap tasks:

while true;
do
  ps -eo command | grep nmap | grep -v grep
  sleep 2; echo ""; echo ""
done

One use case: If the task list is manipulated through an editor, the cleanup script changes the file, and the user's changes overwrite what the script is changing. Second use case: Tasks are hanging without manipulating the task list. The tasks are listed as completed in the task list. Examples:

ssh bsc17-mng tcpdump -U -i ens33 -w nmap_ping_scan_normal_83_202201161821.pcap 2>&1
ssh bsc18-mng tcpdump -U -i ens33 -w nmap_ping_scan_normal_84_202201161821.pcap 2>&1
ssh bsc19-mng tcpdump -U -i ens33 -w nmap_ping_scan_normal_85_202201161821.pcap 2>&1
ssh bsc20-mng tcpdump -U -i ens33 -w nmap_ping_scan_normal_86_202201161822.pcap 2>&1

It should look something like this (with both the ssh tcpdump process and the nmap process):

ssh bsc07-mng tcpdump -U -i ens33 -w nmap_xmas_scan_paranoid_202201152048.pcap 2>&1
nmap -oX ./results/nmap_xmas_scan_paranoid_202201152048.xml bsc07 -T0 -sX --system-dns

This error makes the worker busy for some time until the task is finally killed.

orjanj commented 2 years ago

Possible solution: Check the number of running tasks (iterate through processes matching tcpdump), and if the number is one, this process should be terminated.
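
One way to implement the check proposed in the comment above, as an added example that is not part of the issue or the repository's code: it pairs each `ssh … tcpdump -w X.pcap` process with an `nmap -oX …/X.xml` process and reports captures that have no scan. The function names, the PIDs and the rule that a capture and its scan share a basename are assumptions taken from the command lines shown in the issue.

```shell
#!/bin/sh
# Added example, not code from the repository. PIDs and the snapshot layout are
# constructed. Assumption: capture and scan share a basename (X.pcap / X.xml).

# stdin: `ps -eo pid=,command=` lines. stdout: PIDs of ssh/tcpdump captures
# that have no nmap process writing the matching XML report.
orphaned_captures() {
  awk '
    $2 ~ /(^|\/)nmap$/ {                       # scan process
      for (i = 3; i < NF; i++) if ($i == "-oX") {
        tag = $(i + 1); sub(/.*\//, "", tag); sub(/\.xml$/, "", tag)
        scans[tag] = 1
      }
      next
    }
    $2 == "ssh" && / tcpdump / {               # remote capture started over ssh
      for (i = 3; i < NF; i++) if ($i == "-w") {
        tag = $(i + 1); sub(/.*\//, "", tag); sub(/\.pcap$/, "", tag)
        pid[tag] = $1
      }
    }
    END { for (tag in pid) if (!(tag in scans)) print pid[tag] }
  ' | sort -n
}

# $1, $2: two snapshot files taken some seconds apart. Only PIDs orphaned in
# both are printed, so a capture whose scan has not started yet is spared.
confirmed_orphans() {
  second=$(orphaned_captures < "$2")
  for p in $(orphaned_captures < "$1"); do
    case " $(echo $second) " in *" $p "*) echo "$p" ;; esac
  done
}

sample_ps() {   # constructed snapshot built from the command lines in the issue
  cat <<'EOF'
 4101 ssh bsc07-mng tcpdump -U -i ens33 -w nmap_xmas_scan_paranoid_202201152048.pcap 2>&1
 4150 nmap -oX ./results/nmap_xmas_scan_paranoid_202201152048.xml bsc07 -T0 -sX --system-dns
 4102 ssh bsc17-mng tcpdump -U -i ens33 -w nmap_ping_scan_normal_83_202201161821.pcap 2>&1
 4103 ssh bsc18-mng tcpdump -U -i ens33 -w nmap_ping_scan_normal_84_202201161821.pcap 2>&1
EOF
}

sample_ps | orphaned_captures   # prints 4102 and 4103
```

On a worker, the two snapshots would come from `ps -eo pid=,command=` run a few seconds apart, and the PIDs printed by `confirmed_orphans` are the ones to terminate.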