mailing list archives
Re: Suspect that --host-timeout is not working in 4.50?
From: Fyodor <fyodor () insecure org>
Date: Thu, 20 Dec 2007 19:05:19 -0800
On Fri, Dec 21, 2007 at 03:00:00AM +0000, jah wrote:
On 16/12/2007 04:08, Randolph Reitz wrote:
So there are two issues here. One, the script doesn't obey
--host-timeout and Two, there's a bug, I think, in bruteTelnet.
Can anyone shed any light on the first? Are NSE scripts supposed to
obey --host-timeout? Is there a way for the script to get that
information from nmap api?
Yes, NSE (and all other parts of Nmap) need to enforce --host-timeout.
The scripts themselves don't need to worry about it--Nmap itself
should abandon probing a host when the timeout hits. This doesn't
seem to be working for NSE, and that is an important bug which needs
to be fixed.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org