mailing list archives
Re: Thoughts on script documentation
From: David Fifield <david () bamsoftware com>
Date: Wed, 12 Jan 2011 19:21:27 -0800
On Fri, Dec 10, 2010 at 01:14:49PM +0100, Martin Holst Swende wrote:
On 12/08/2010 10:06 PM, David Fifield wrote:
What if Nmap just came with a script that did the equivalent of
rsync -r rsync://nmap.org/scripts/ /usr/share/nmap/scripts/
rsync -r rsync://nmap.org/nselib/ /usr/share/nmap/nselib/
This is pretty much what openvas-nvt-sync does. It also can download a
.tar.bz2 file if rsync isn't installed.
Maybe rsync would be easy to get to Windows users. This also wouldn't
solve the problem of version dependencies.
That would be great!
It could be good to add some possibility to detect and warn a user if
there are *known* compatibility issues. E.g, issuing GET
http://nmap.org/scriptupdate?version=<installed_version> before the
rsync takes place. If scriptupdate detects that version is blacklisted
as "incompatible" with the current head, it could return an appropriate
status code and message : "Some of the scripts you are about to fetch
are marked as incompatible with your version of nmap. ".
Well, that's the rub. It's easy to set up some rsync service, but much
harder to build (and especially maintain) some list of compatibilities.
And not only on Nmap maintainers. New script writers (if they wanted to
be thorough) would have to test their scripts against previous versions
and see when they stop working.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
- <Possible follow-ups>
- Re: Thoughts on script documentation David Fifield (Jan 13)