Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [RFC] NSE Re-categorization
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Wed, 18 Jun 2008 23:03:30 +0100


I like to be sure :)

How do you feel about the actual re-categorized list I posted?

-Jason


Thanks,
Kris Katterjohn

What might be nice is a hierarchy to show which safer tests are
subsets of more "dangerous" or at least more involved tests.

Something like this:


                                /-> malware->\
                               /              \
safe --> discovery --> version --> vuln ----->|-> intrusive
                               \              /
                                \-> auth --->/

with demo and default on their own

A script like netbios-smb-os-discovery.nse does a lot of work.  It's
almost intrusive, but probably just a discovery.

The diagram helps me figure out where it should go and "version" seems
fine in that context since it does more than a simple discovery and
you don't want to run it without asking for version detection.

I also don't understand the benefit of having a script that is
"intrusive" also be a "discovery" scan.  If it is "intrusive" then I
don't want it running if I am only asking for "discovery."

They should be either "discovery" and relatively benign or "intrusive"
and used with intent.

Explain the logic between having a script in both categories.  Maybe I
just don't "get it."

-Jason

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault