Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: regarding rpc based protocols and rpcinfo script
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Fri, 29 Apr 2011 23:03:23 +0300

We need to figure out which scripts should go into default, and which
should go into intrusive.

My impression is that the following scripts should go into default:
  dhcp-discover
  dns-recursion
  dns-zone-transfer
  http-open-proxy
  socks-open-proxy

I am not sure I understand these well enough, to decide:
  ftp-bounce
  http-auth

On Thu, Apr 28, 2011 at 7:00 AM, David Fifield <david () bamsoftware com> wrote:
On Sun, Mar 20, 2011 at 02:11:03PM +0200, Toni Ruottu wrote:
I almost wrote my own rpcinfo because I could not imagine that it
might not be in the default category. I think every script that is not
enabled by default should have a comment which explains why. Maybe we
could form a convention while there are not yet thousands of scripts.
When the explanation is explicit it is falsifiable and can be
reconsidered later.

We could have exceptions for cases where the script belongs to version
category or intrusive category. Writing a comment "non-default reason:
intrusive" might be useful in cases where the script is later moved
out from intrusive category, and someone forgets to add it to default.

At the moment there are two intrusive scripts that are run by default.
Is this an error? I though a script could only belong to one. Also, I
think we agreed earlier that netbus-auth-bypass should be in default,
but it is not.

Can you send a patch fixing these problems? I think that intrusive
should not also be in default.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault