Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Fwd: hadoop and hbase information gathering
From: John Bond <john.r.bond () gmail com>
Date: Thu, 13 Oct 2011 00:32:01 +0200

ment to send this here

On 13 October 2011 00:07, David Fifield <david () bamsoftware com> wrote:
On Sat, Oct 08, 2011 at 03:48:14PM +0200, John Bond wrote:

Thanks for these nice scripts, John.

All the scripts seem to work in a similar way: Grab a web page, do some
matching on the response body, and format the results. For this reason I
think it would be wise to factor out the common behavior.
Yes i thought about this too but the matches i have in place are a bit
hacky (which is why i was keen for testers). there are definitely some
places were code could be re-factored.  at the same time there was
enough difference between the various different interfaces to make me
think that even if a pice of code works for 2 ports now it might not
in the future.  said said i do have it in mind as something to think
about.

Patrik
proposed an httpmatch library that might be appropriate:

http://seclists.org/nmap-dev/2011/q2/377
I have also been thinking about this.  like i said the matches i did
above are a bit hacky and not good enough for a html parser.  however
i think it has given me some ideas on how i might explore this more

But I'm thinking it may be better to add the scripts first, and refactor
later.
Cool, also is there anything else that needs doing to this script.
one thing i have been thinking i might do is store the asn from
ip-to-asn in the nmap registry and use that if it is present.  that
said i think it should be good enough to be committed now
https://github.com/b4ldr/nse-scripts/blob/master/asn-to-prefix.nse

Can you recommend an easy way to set up Hadoop and Hbase to test?
how much capacity do you have 1-4 machines? let me know and i can give
you guidelines.  if you are familiar with cfengine 3 i can send you my
policies.

cheers john
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]