Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts
From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Sun, 11 May 2008 00:06:13 +0530

On 5/10/08, Fyodor <fyodor () insecure org> wrote:
On Sat, May 10, 2008 at 04:43:15AM +0000, Brandon Enright wrote:

Who knows if any of this crap would actually hold up in court.  I
really don't think any scripts in the default category though should
also fall into the "askalayer" category.

A user of Nmap takes responsibility for their actions into their own
hands.  Lets not have the proverbial gun pointing at their foot by
default though, lets make them aim it there on their own.

I see your point, but I think that many/most scripts have the
potential to annoy the sorts of people would would put out a public
FTP server with anonymous access enabled, and then complain when
people log in.  Also, these scripts won't run with a deafult scan like
"nmap <target>".  Only if you specify scripting with an option such as
-sC or -A.  And anonFTP has run by default (if you're ask for
scripting) since it was added in 2006 and I haven't heard any
complaints about it being default.  So this isn't a change in
behavior.


This topic had crossed my mind when I was making the lists.  I, too,
figured that since anonFTP has always been running by default that it
was OK to be on the new list.  But thank you, Brandon, for bringing up
the FTP banners because I hadn't considered them.

Maybe what we need to do is document better that -sC/-A are
particularly intrusive and really shouldn't be run without permission
of the target network.

While I don't think I'd want exploits running by default with -sC, I'd
like to have vulnerability checks included so that Nmap can tell you
if it sees a gaping hole.  And many admins don't like folks
vuln-checking their servers without permission.


I like the idea of basic checks being performed, and I also agree that
the docs should probably be updated.  I can work on this along with
the other docs I'm updating for the new category.

Cheers,
-F


Thanks,
Kris Katterjohn

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault