Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: NSE output verbosity (p2p-conficker)
From: Ron <ron () skullsecurity net>
Date: Thu, 04 Jun 2009 16:23:31 -0500

Fyodor wrote:
On Thu, Jun 04, 2009 at 08:11:14AM -0500, Ron wrote:
Ron wrote:

Ok, I managed to throw this together before work. If you're below
verbosity 2, you'll just get:

Thanks Ron, this helps.  I also just made further output changes in
r13522:

o If an infection is found, print the whole table regardless of
  verbosity so the user can see which tests/ports showed an infection.

o Print nothing for clean machines unless running with -vv.  That way
  folks who run it as part of the default script set don't have to
  read about every machine which is NOT infected.  So many "false
  alarms" could cause them to miss noticing the infection reports.
  
o I updated the examples in the nsedoc to include -vv, since those are
  specifically designed for Conficker scanning.

Let me know if you see any problems with these changes.

Cheers,
-F

Perfect, those changes are just right.

We might want to make similar changes to smb-check-vulns for Conficker,
and maybe to http-iis-webdav-whatever. Those were all timely scripts
that don't need to be noisy in a stable release.

(I also full agree about automatically upping the verbosity if a script
is run explicitly)

Ron


-- 
Ron Bowes
http://www.skullsecurity.org/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault