mailing list archives
Re: Script force
From: Fyodor <fyodor () insecure org>
Date: Mon, 19 Dec 2011 13:33:51 -0800
On Tue, Dec 13, 2011 at 10:07:29PM +0100, Martin Holst Swende wrote:
On 12/11/2011 10:40 PM, Djalal Harouni wrote:
I did my best, not really quite at
home with the formatting options, and I also tried to place the info
where it seemed appropriate,
Thanks Martin. I added it in my own way, but using your diff and your
other emails as a very useful source.
synching with my paperback version, but it seems a bit outdated
Yeah, we've made so many changes to NSE that it is probably best to
compare with the online version (http://nmap.org/book/nse.html) as
that is kept updated.
I don't really know how
to, syntactically, define that a plus sign is optional:
To simplify things, I left '+' off the syntax and also removed the
"all" option. They are still described in the description though for
I'm glad the feature has made it's way into the repository! Thanks
for working with us to make so many changes. There are two issues I'm
curious about now:
o I'm assuming that --force will currently run even against closed and
filtered ports. Do you think we should make an exception for those,
and run the script only if the portrule returns true OR the port is
open or open|filtered?
o I added a usage example in the chapter based on your description of
having a list of ms-sql servers, some of which may be on unusual
ports. If you think there is a better prime example for this
capability, let me know.
o I'm assuming this script works for prerules, portrules, hostrules,
and postrules. My initial thought is that we ought to leave it like
that and users should be careful to only force scripts where it
makes sense. But if we think it never makes sense to force a
prerule or postrule script, we could remove that capability.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/