Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: NSEC Enumeration script
From: John Bond <john.r.bond () gmail com>
Date: Sat, 26 Feb 2011 14:03:28 +0100

On 26 February 2011 13:11, John Bond <john.r.bond () gmail com> wrote:
The script and the library hanges are getting closer to being accepted.
I still have doubts about the interface of dns.dnssec_query. In the
first place, it would be better if the DNSSEC queries could be made
using the same top-level function as other DNS queries--is DNSSEC really
so different that it needs a different interface? > I don't mind having a
convenience wrapper for DNSSEC, but it should call the same underlying
function as other queries.
not at all, i originally added all of this functionality to the normal
query fuction but i started to worry it might make other scripts
incompatible.  the main difference is dnssec_query has an extra return
'rPkt.dnssec' which indicates if the server responded with dnssec.  I
also use the host.ip instead of trying to use the system however this
is probably because of what im trying to do and could be set else
where.  edns is on by default but i think this should also be an
option for the query function.  Finnaly you would need another option
Just had a quick look and one of the other things is that dnssec_query
was a copy of query from before options.multiple so im will need to
check what effect this has on things
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]