Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] NSE Re-categorization
From: Kris Katterjohn <katterjohn () gmail com>
Date: Fri, 13 Jun 2008 00:54:05 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Fyodor wrote:
On Fri, Jun 13, 2008 at 01:07:10AM +0100, jah wrote:
On 12/06/2008 23:07, Kris Katterjohn wrote:

So I think that either intrusive should include scripts that are
intended to crash services (all in the name of securing ones own
network, of course) or perhaps there should be a category for "exploits"
to include scripts that actively exploit vulnerabilities and could crash
a service or cause an sysadmin alarm - even if the intention is merely
to detect a vulnerability.

Good point.  We don't have any scripts intended to crash services now.
But if we ever were to add such a script, I'd argue for some sort of
"dos" category.  A script which performas a SYN scan or tries to crash
a certain service goes beyond what I would normally think of even as
"intrusive", IMHO.

Exploits is another interesting category.  If we had actual exploits
like you find in Metasploit, they might fit well in such a category.
Our brute force authentication scripts sort of fit the bill, but it
sounds like we'll probably have a more specific category for them.

So I think both of these are good potential categories, but I don't
think we should add any categories unless we have at least one script
included which will use them.  And I don't know of any DoS or exploit
scripts right now.


Agreed.  And of course if we create categories like these, they will go along
with Safe and Intrusive wrt the "all-encompassing" factor.

Cheers,
-F

Thanks,
Kris Katterjohn


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSFILev9K37xXYl36AQIK8Q//a2+9/SdkuD6ETPxvUemqQCLV2N0C6iVc
/hA01eGFmr6GmH1lg73lquAm1YDTFLywdAMBYDrlsmhGA/dQvx9MWo/sJL/pmL5d
UKXyYC22WV2Chzs7r+IFjpZqgFJhQ4Hm8V9POJj7BJjOZDXFLY6X0WHYCKbsBaXG
t7apvVDD5tVYATotuu7oGNCVizO/nCaJlo6IgIwtNijwOFgl1RxLVf9/Zzut8w4K
2TNh2vNF0qCTRkihsuj6nYernnTHItz5dO8WVM1oxcIWnt3ecIiIo0tAoxDP58Y5
Xh3NSOnx7cdHqiBKiYFfE99tOCAPCpzQ8KwTcQ1SM38/su4Cv9B4z7hIr6AwY9RU
bSO4V6akVyMUedkbGuISM55shFmI+EH4ysgPrgzOIM+QzfiVTE7ubulKW1JYrO4M
HYfBTXqBvRgU0zlpesqIrIoehh9Xl21e7oQH5Tjlz7M6DOz8IoKCtHSGiszQhmOD
hx9cCwOUYtuNC4+p2r6RBRsvbnViQCrm/NEchtVNwfECMQO4CKtQvX3MB8Shs0pC
f190wnY8KYvLWJtGqBgSU1WPxq0wm62y00x3MRd1l7TfNv9yJ417Jd4MPJwpkshP
ocFRGUVmIbrvFiLA7C2Grt/ob99oaTzrE3P5107yirsRpUUNTKFOziwSoou1CLT3
wnq6jFNoaOU=
=9yOQ
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]