mailing list archives
Re: [RFC] NSE Re-categorization
From: Fyodor <fyodor () insecure org>
Date: Thu, 12 Jun 2008 19:52:46 -0700
On Fri, Jun 13, 2008 at 01:07:10AM +0100, jah wrote:
On 12/06/2008 23:07, Kris Katterjohn wrote:
So I think that either intrusive should include scripts that are
intended to crash services (all in the name of securing ones own
network, of course) or perhaps there should be a category for "exploits"
to include scripts that actively exploit vulnerabilities and could crash
a service or cause an sysadmin alarm - even if the intention is merely
to detect a vulnerability.
Good point. We don't have any scripts intended to crash services now.
But if we ever were to add such a script, I'd argue for some sort of
"dos" category. A script which performas a SYN scan or tries to crash
a certain service goes beyond what I would normally think of even as
Exploits is another interesting category. If we had actual exploits
like you find in Metasploit, they might fit well in such a category.
Our brute force authentication scripts sort of fit the bill, but it
sounds like we'll probably have a more specific category for them.
So I think both of these are good potential categories, but I don't
think we should add any categories unless we have at least one script
included which will use them. And I don't know of any DoS or exploit
scripts right now.
It looks good. Using Informational and adding Exploits, you even get a
handy Mnemonic: VICED VIMS (from latin: Grasp with Vigour).
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org