On Mon, Apr 23, 2007 at 11:41:46AM -0500, Kris Katterjohn wrote:
> Hey everyone,
Hi Kris and everyone! I've been quiet lately because I've been at
CanSecWest, but I just got back and am going through my email.
> So, do you think this protocol is "important" enough to send valid
> headers with when doing -sO?
Thanks for the patch. I think we should weight how much code we have
to add (more is worse) against how common the protocol is (more is
better). I think UDPLite is pretty obscure, but on the other hand
your patch is very small. So it seems reasonable to add if it can be
done cleanly, IMHO.
> Since UDP and UDPLite are so similar, I just added a boolean flag in
> build_udp_raw() to signify using UDPLite (it's false by default, so no
> need changing udp code using this function).
This is my main concern. build_udp_raw is a very common and important
function. So I hate to add parameters to it just for one obscure
case. Can you easily build the udp packet normally, then just make
the necessary adjustment for UDPlite in the code?
I think we should only add it if either:
a) The protocol becomes popular; or
b) the support can be added with few lines of code and without adding
special-purpose parameters to functions like build_udp_raw.
Cheers,
-F
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Apr 23 2007
Intro
