Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] NSE Re-categorization
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Wed, 18 Jun 2008 23:03:30 +0100

I like to be sure :)

How do you feel about the actual re-categorized list I posted?


Kris Katterjohn

What might be nice is a hierarchy to show which safer tests are
subsets of more "dangerous" or at least more involved tests.

Something like this:

                                /-> malware->\
                               /              \
safe --> discovery --> version --> vuln ----->|-> intrusive
                               \              /
                                \-> auth --->/

with demo and default on their own

A script like netbios-smb-os-discovery.nse does a lot of work.  It's
almost intrusive, but probably just a discovery.

The diagram helps me figure out where it should go and "version" seems
fine in that context since it does more than a simple discovery and
you don't want to run it without asking for version detection.

I also don't understand the benefit of having a script that is
"intrusive" also be a "discovery" scan.  If it is "intrusive" then I
don't want it running if I am only asking for "discovery."

They should be either "discovery" and relatively benign or "intrusive"
and used with intent.

Explain the logic between having a script in both categories.  Maybe I
just don't "get it."


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]