Re: [NSE] ms-sql scripts and library updates merged
From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 29 Mar 2011 01:08:56 +0200

On 2011-03-19 21.45, Fyodor <fyodor () insecure org> wrote:
> On Sat, Feb 26, 2011 at 11:50:25PM +0100, Patrik Karlsson wrote:
> > I just merged the work Chris Woodbury and I have been doing on the
>
> This is exciting stuff! But I've noticed some unfortunate performance
> characteristics in certain scans due to the way that ms-sql-discover
> and ms-sql-info are in the "default" category and have hostrules which
> basically match every host. So say I want to scan for web servers and
> run the default web-related scripts against them. I might do:
>
> ./nmap --datadir . -p80 -Pn -n -v --open -T4 -sC scanme.nmap.org/24
>
> This took 120 seconds in the run I just did. But almost all of this
> time is actually from ms-sql-*. If I change -sC to "--script default
> and not ms-sql-*" to exclude the sql scripts, it takes less than 7
>
> I'm not sure of the best solution. Options include:
>
> o Remove these scripts from "default"
> o Make mssql.SCANNED_PORTS_ONLY default behavior (so it looks at the
>   port state of common ms-sql ports rather than trying to query all
> o Or maybe there are other ways to make it more selective or faster?
>
> What do you think?

Sorry for not getting back to you on this. As I haven't had the time to
come up with a better solution, I propose we remove it from default for
now. Anyone disagree?
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/