Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts
From: Fyodor <fyodor () insecure org>
Date: Mon, 12 May 2008 13:44:42 -0700

On Sat, May 10, 2008 at 05:02:06PM -0500, Kris Katterjohn wrote:

Well, by "generally useful" I mean that quite a bit of people will find
it useful.  It produces interesting output for a protocol/service that's
not obscure so that it is /generally/ useful.

Yes, though I think obscure service scripts are great to have by default as long as they only run when that service is 
present.  Scripts should only be denied for obscurity if they consume time, output lines, or other resources in cases 
where the service/issue is not present.

* finger
Isn't finger a bit obscure now?

It is, but I see finger running often enough that I think it's a good
default (though it's not terribly popular either).

This is one of those issues where finger.nse is useful when finger is
available, and doesn't hurt anything when it isn't.  The script only
runs if port 79 (or any port detected as "finger" by service
detection) is open.  So even if finger is considered obscure, it is
ueful to have this script IMHO for those times it is running.  And if
finger isn't running, the script doesn't run either.  So it doesn't
hurt anything in that case.


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]