Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts
From: Fyodor <fyodor () insecure org>
Date: Mon, 12 May 2008 12:28:47 -0700

On Mon, May 12, 2008 at 01:02:24PM +0200, Daniel Roethlisberger wrote:
Kris Katterjohn <katterjohn () gmail com> 2008-05-10:
jah wrote:
On 09/05/2008 23:17, Kris Katterjohn wrote:

* ripeQuery
This is a safe script with regard to the target, but RIPE might think it
less so.  Especially as it would query RIPE for every target regardless
of whether the target is in RIPE's allocation.  I think it should stay
in discovery.
This is a script I kept switching between the lists.  I think you may be
right in that it's not be default material.  Anybody else want to chime
in on this one?

I think this script could rightly be perceived as abusive by RIPE.  I
would not include this in the default set.

There is also the problem that it does the query for every IP scanned
even though many of them may belong in the same netblock.  For
example, when I scan, RIPE returns:

inetnum: -

The script should save that information and not query for any more
hosts in that range.  We've discussed this with regard to the
whois.nse script (which might completely replace ripeQuery.nse).
Right now there are NSE concurrency limitations which make this
difficult to implement, but Patrick is working on a solution.

So I agree with the others that we should remove this from default for
now.  If it is fixed to be more efficient, we can add it again later.
Or if it is replaced by whois.nse or another script, we can remove it.


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]