mailing list archives
Re: Nmap script ideas wiki
From: Ron <ron () skullsecurity net>
Date: Wed, 16 Mar 2011 11:13:32 -0500
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 15 Mar 2011 20:14:29 +0200 Toni Ruottu <toni.ruottu () iki fi> wrote:
present in many of them is that the protocol may be really open and
powerful, so deciding how far to go in the scan is hard.
That's a good question, and one that I run into a lot.
What I typically do with Nmap is go as far as I am reasonably able to. That's what differentiates Nmap from other
scanners like Nexpose, Nessus, etc - Most security scanners are simply concerned with find out if a vulnerability
exists or not, and perhaps proving it, then generating a report and letting the user/customer/whoever know how
vulnerable they are.
Nmap scriptings, on the other hand, are extensions to nmap's probing techniques. I see them as a way to get
additionally data/information from a host that may interest the scanner (whether they're a pentester, etc).
So, IMO, you should go as far as you can.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
-----END PGP SIGNATURE-----
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
Re: Nmap script ideas wiki Ron (Mar 14)