Nmap Development
mailing list archives
Re: [RFC] NSE Re-categorization
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Wed, 2 Jul 2008 21:41:09 +0100
On Sun, Jun 29, 2008 at 4:44 AM, Fyodor <> wrote:
> On Wed, Jun 18, 2008 at 11:03:30PM +0100, DePriest, Jason R. wrote:
> > They should be either "discovery" and relatively benign or "intrusive"
> > and used with intent.
> > Explain the logic between having a script in both categories. Maybe I
> > just don't "get it."
>
> Well, there are currently three scripts in both "discovery" and
> "intrusive" categories:
>
> HTTP_open_proxy.nse:categories = {"default", "discovery", "intrusive"}
> MSSQLm.nse:categories = {"default", "discovery", "intrusive"}
> zoneTrans.nse:categories = {'default', 'intrusive', 'discovery'}
>
> What do you think would be a better way to categorize them?
>
> Cheers,
> -F

MSSQLm.nse actually tries to log in to the SQL server using 'sa' and a
blank password. That *part* of the script is intrusive. The rest of
it is discovery and is very useful for version detection. Break it
into two scripts maybe?

HTTP_open_proxy.nse could probably be just discovery. It sends a
single request that is a normal-looking, non-malformed request.

I don't know enough about DNS to read through zoneTrans. Since zone
transfers are a popular recon technique, if that is actually what the
script does, perform a full zone transfer, it is definitely intrusive.
If it just determines whether or not a zone transfer is possible but
doesn't actually do it, it would be discovery.

These are just my opinions and I'd be eager to hear what others think.

-Jason
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
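
Added example, not part of the original message or of the Nmap project's code: a small Python audit that parses grep-style `categories` lines like the three quoted in the thread (both Lua quote styles) and lists the scripts that declare both "discovery" and "intrusive". The function names and the embedded sample input are constructed for illustration.

```python
import re

# Constructed sample: the three grep-style lines quoted in the thread.
SAMPLE = """\
HTTP_open_proxy.nse:categories = {"default", "discovery", "intrusive"}
MSSQLm.nse:categories = {"default", "discovery", "intrusive"}
zoneTrans.nse:categories = {'default', 'intrusive', 'discovery'}
"""

# "<file>:categories = { ... }" as printed by grep over a script directory.
LINE_RE = re.compile(
    r'^(?P<file>[^:\s]+):\s*categories\s*=\s*\{(?P<body>[^}]*)\}')
# A Lua string literal in either quote style; \1 forces a matching close quote.
STR_RE = re.compile(r'''(["'])([A-Za-z_]+)\1''')


def parse_categories(text):
    """Return {script_file: set_of_categories} from grep-style lines."""
    result = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a categories declaration, skip it
        names = {name.lower() for _, name in STR_RE.findall(m.group("body"))}
        result[m.group("file")] = names
    return result


def conflicting(scripts, a="discovery", b="intrusive"):
    """Sorted list of scripts that declare both category a and category b."""
    return sorted(f for f, cats in scripts.items() if a in cats and b in cats)


def report(text):
    """List of (script, sorted categories) for every overlapping script."""
    scripts = parse_categories(text)
    return [(f, sorted(scripts[f])) for f in conflicting(scripts)]


if __name__ == "__main__":
    for name, cats in report(SAMPLE):
        print(f"{name}: {', '.join(cats)}")
```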