mailing list archives
Re: [RFC] Default NSE Scripts
From: Fyodor <fyodor () insecure org>
Date: Mon, 12 May 2008 12:28:47 -0700
On Mon, May 12, 2008 at 01:02:24PM +0200, Daniel Roethlisberger wrote:
Kris Katterjohn <katterjohn () gmail com> 2008-05-10:
On 09/05/2008 23:17, Kris Katterjohn wrote:
This is a safe script with regard to the target, but RIPE might think it
less so. Especially as it would query RIPE for every target regardless
of whether the target is in RIPE's allocation. I think it should stay
This is a script I kept switching between the lists. I think you may be
right in that it's not be default material. Anybody else want to chime
in on this one?
I think this script could rightly be perceived as abusive by RIPE. I
would not include this in the default set.
There is also the problem that it does the query for every IP scanned
even though many of them may belong in the same netblock. For
example, when I scan 220.127.116.11, RIPE returns:
inetnum: 18.104.22.168 - 22.214.171.124
The script should save that information and not query for any more
hosts in that range. We've discussed this with regard to the
whois.nse script (which might completely replace ripeQuery.nse).
Right now there are NSE concurrency limitations which make this
difficult to implement, but Patrick is working on a solution.
So I agree with the others that we should remove this from default for
now. If it is fixed to be more efficient, we can add it again later.
Or if it is replaced by whois.nse or another script, we can remove it.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
Re: [RFC] Default NSE Scripts jah (May 10)
Re: [RFC] Default NSE Scripts Diman Todorov (May 11)
Re: [RFC] Default NSE Scripts Fyodor (May 12)