Michel Arboi wrote:
I'd recommend that as a patch the 1 second delay be at least set
to 3-5 seconds
Maybe this 1 s timeout should be configurable?
That would be the cadillac approach. Note this prob is not limited
to http transactions, so parsing content-length is not going to
solve the problem. Considering that every protocol can suffer
from this at any point in time, I suspect that 1 second
is just a touch tight. I'd bump this up to the 3 second mark
as a sort of compromise, so that all of the existing recv()
calls work more reliably, at the expensive of adding 2 seconds
to the time taken to run virtually all tests. If that is done
via configuration, fine. But I'm not certain that this value
needs to be tweaked often enough for it to be configurable.
or so, or that a slightly more comprehensive
solution use simple calls to time() to determine elapsed time
and to set the remaining time, instead of to 1, the greater of
1 or the remaining time left...
No, that would make Nessus run slow in most situations.
Ya...realized that after I had sent the previous mail.
So that sort of takes it back to the previous approach
Thomas
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
