mailing list archives
Re: [RFC] Default NSE Scripts
From: Fyodor <fyodor () insecure org>
Date: Mon, 12 May 2008 13:44:42 -0700
On Sat, May 10, 2008 at 05:02:06PM -0500, Kris Katterjohn wrote:
Well, by "generally useful" I mean that quite a bit of people will find
it useful. It produces interesting output for a protocol/service that's
not obscure so that it is /generally/ useful.
Yes, though I think obscure service scripts are great to have by default as long as they only run when that service is
present. Scripts should only be denied for obscurity if they consume time, output lines, or other resources in cases
where the service/issue is not present.
Isn't finger a bit obscure now?
It is, but I see finger running often enough that I think it's a good
default (though it's not terribly popular either).
This is one of those issues where finger.nse is useful when finger is
available, and doesn't hurt anything when it isn't. The script only
runs if port 79 (or any port detected as "finger" by service
detection) is open. So even if finger is considered obscure, it is
ueful to have this script IMHO for those times it is running. And if
finger isn't running, the script doesn't run either. So it doesn't
hurt anything in that case.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
Re: [RFC] Default NSE Scripts jah (May 10)
Re: [RFC] Default NSE Scripts Diman Todorov (May 11)
Re: [RFC] Default NSE Scripts Fyodor (May 12)
Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)