Nmap Development mailing list archives

Re: Nmap comprehensive scan problem via Armitage
From: David Fifield <david () bamsoftware com>
Date: Fri, 17 Jun 2011 00:41:57 -0700

On Fri, Jun 17, 2011 at 10:12:08AM +0300, Shinnok wrote:
> Hi,
>
> Maybe we should keep these really intrusive scripts like
> flood/(d)dos/exploit outside the reach of --script all, since they are
> kind of dangerous scripts and somewhat counter-intuitive to what Nmap
> should do. There's also the fact that now we have well over 200
> scripts and given the speed at which new scripts are added and old
> ones updated, it is really hard to keep up with them, especially for
> someone not directly involved with Nmap.
> Possible solutions:
> * A warning message explaining the fact that the dangerous scripts will
> be run, explicitly stating keywords like dos/exploit, is another way.
> * Disallow them on all categories, unless explicit --script
> intrusive/exploit/dos/etc. is specified.
> * Move all these kinds of scripts to the intrusive category and keep
> them out of reach of --script all.

We already undocumented --script=all. I think the plan is just to remove
it because it's basically useless, for the reasons you cite.

It looks like Armitage got the command line from our "Slow comprehensive
scan" Zenmap profile:

command = nmap -sS -sU -T4 -A -v -PE -PS80,443 -PA3389 -PP -PU40125 -PY --source-port 53 --script all

We should change that. What do you think, maybe "discovery and safe"?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
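The profile command line quoted in the thread is the weak setting, and "discovery and safe" is the narrower category expression David proposes. The shell functions below are an added example, not code from the thread or from the Nmap project: they audit a saved Zenmap-style profile line for a bare `--script all` and produce the narrowed form. The `PROFILE_CMD` value is the command quoted above; the function names and the `example.invalid` host are my own constructed assumptions.

```shell
# Added example (not from the nmap-dev thread): audit a saved Zenmap profile
# command line and replace a bare "--script all" with the narrower
# "discovery and safe" category expression suggested in the thread.
# PROFILE_CMD is the "Slow comprehensive scan" line quoted in the message.
PROFILE_CMD='nmap -sS -sU -T4 -A -v -PE -PS80,443 -PA3389 -PP -PU40125 -PY --source-port 53 --script all'

# Print the argument given to --script (either "--script X" or "--script=X");
# prints nothing when the command line has no --script option.
script_arg() {
    printf '%s\n' "$1" | sed -n 's/.*--script[= ]\([^ ]*\).*/\1/p'
}

# Exit status 0 when the command line runs every NSE script ("all"),
# 1 otherwise. Used as a lint check over stored profiles.
uses_all_scripts() {
    case "$(script_arg "$1")" in
        all) return 0 ;;
        *)   return 1 ;;
    esac
}

# Rewrite "--script all" / "--script=all" to the quoted category expression
# "discovery and safe", leaving every other option untouched.
narrow_script_arg() {
    printf '%s\n' "$1" | sed 's/--script[= ]all/--script "discovery and safe"/'
}

# Stand-alone usage: report the finding and print the corrected profile line.
if uses_all_scripts "$PROFILE_CMD"; then
    echo "profile runs all NSE scripts; narrowed form:"
    narrow_script_arg "$PROFILE_CMD"
fi
```

Run it against each profile line you keep; any line for which `uses_all_scripts` succeeds is one that would pull in the dos/exploit scripts the thread is concerned about.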


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]