mailing list archives
Re: [RFC] Default NSE Scripts
From: Kris Katterjohn <katterjohn () gmail com>
Date: Tue, 27 May 2008 20:50:26 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Yeah, I'm talking to myself again :)
Kris Katterjohn wrote:
Kris Katterjohn wrote:
Running against irc.efnet.org gives me:
6666/tcp open irc syn-ack
| IRC Server Info: Server: irc.blessed.net
| Version: ircd-ratbox-3.0.0beta3(20080423_3-25265). irc.blessed.net
| Servers/Ops/Chans/Users: 61/406/27994/59199
| Lservers/Lusers: 1/1360
| Uptime: 13 days, 6:41:47
| Source host: adsl-074-182-015-130.sip.jan.bellsouth.net
|_ Source ident: NONE or BLOCKED
Which is quite verbose. It too could be fixed up with nmap.verbosity(),
but I don't want to mess with it because I don't know what would be
interesting enough for IRC users :)
Does anybody else have an opinion on this one, or care to redo it with
IIRC this script and SMTPcommands are the only outstanding scripts, and
Jason is already working on the latter.
Since Fyodor committed Jason's new SMTPcommands, the only script
remaining is ircServerInfo. Nobody has said anything on it in a week,
so I'll keep it off the Default list.
I'd really like to commit this stuff soon, so if there are any
objections to the lists below (aside from switching SMTPcommands),
please let me know now.
Again, nobody has said anything in a while on this so I'm assuming the
list is agreeable.
* bruteTelnet - Too intrusive and slow
* chargenTest - Obscure / "demo"
* daytimeTest - Obscure / "demo"
* echoTest - Obscure / "demo"
* HTTPpasswd - A bit too intrusive and probably not useful enough
* HTTPtrace - Not default material
* iax2Detect - "version"
* ircServerInfo - Should be redone with nmap.verbosity() ?
* ircZombieTest - "malware"
* kibuvDetection - "malware"
* netbios-smb-os-detection - I want this to be default, but it's "version"
* PPTPversion - "version"
* promiscuous - I don't think it's useful enough
* ripeQuery - Abusive to RIPE
* showHTTPversion - Obscure / only category is ""
* showSMTPVersion - Obscure / "demo"
* showSSHVersion - Obscure / "demo"
* skype_v2-version - "version"
* SMTPcommands - Jason is handling it with nmap.verbosity()
* SMTP_openrelay_test - "demo" because of "real hostname" issue
* SQLInject - Obvious reasons :)
* strangeSMTPport - Obscure / "backdoor"
* xamppDefaultPass - "vulnerability"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
Re: [RFC] Default NSE Scripts Fyodor (May 12)