mailing list archives
RE: Nmap 4.23RC3 & SSL Tunnels
From: "Thomas Buchanan" <TBuchanan () thecompassgrp net>
Date: Fri, 7 Dec 2007 11:57:43 -0600
From: nmap-dev-bounces () insecure org
[mailto:nmap-dev-bounces () insecure org] On Behalf Of Lionel Cons
Sent: Friday, December 07, 2007 4:46 AM
To: Kris Katterjohn
Cc: nmap-dev () insecure org; Fyodor; Thomas Buchanan
Subject: Re: Nmap 4.23RC3 & SSL Tunnels
Kris Katterjohn writes:
> What about something general like this:
> <library name="openssl" version="[version]" />
> <library name="libpcap" version="[version]" />
> <library name="libpcre" version="[version]" />
> <!-- etc -->
Fine by me.
How does the attached patch (against SVN r6441) look? It prints the
library versions for libpcap, libpcre, liblua (if included) and openssl
Some questions that I had:
1. Where should the output go in the XML file? I put it right after
the verbosity / debugging information.
2. What level of verbosity / debugging should be required to include
this information? The patch reflects my opinion that it should be
included at debugging >=1.
3. I make no guarantees that the patch to nmap.dtd is even remotely
correct. I don't use the XML output on a regular basis, so that effort
was just best-guess.
4. Should any other library versions be reported? I thought maybe
libdnet, but I couldn't see a very clean way to do that. The library
version is defined in (autogenerated) config.h and Makefile, and to be
honest, I didn't feel like messing with it.
I have tested the attached patch on Windows and Linux, and it seems to
work for me.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org