Nmap Development mailing list archives

Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts


From: Fyodor <fyodor () insecure org>
Date: Sun, 28 Mar 2010 19:24:30 -0700

On Mon, Mar 22, 2010 at 03:57:37PM -0500, Ron wrote:
On Mon, 22 Mar 2010 13:45:00 -0700 Fyodor <fyodor () insecure org> wrote:

I'd be concerned about using --script-args to control the
information, because I have a feeling a lot of people don't know about
--script-args.

I agree with this.  That's why I suggested that the output might
contain a hint like:

 |_ Output condensed. For full details, run with: --script-args mssql-info=all

As script integration into Zenmap improves, though, that'll be a
smaller concern. It seems like it makes more sense to have multiple
scripts rather than giant scripts -- having smaller ones is more flexible.

I think a single script for querying a single service can be as
flexible as multiple scripts if the script-args are designed well.  I
think (in some cases) it can be easier for us to maintain, easier for
users to run, and provide more elegant output than multiple scripts.

In other cases, multiple scripts clearly win out.  So I'm not
suggesting we get overzealous about combining scripts, just that we
examine whether any of our scripts could be reasonably combined.  I
sent some examples in my last email.

That being said, my smb-* scripts (as well as these mssql-* scripts
and a lot of others) offload most of their work to nselibs
anyways. The scripts themselves can almost be seen as the presentation
layer. That doesn't really change anything, it's just a random
thought.

Yeah, the multiple scripts would be a clear disaster if the protocol
parsing code had to be repeated in each.

One advantage I can see to combining these scripts is re-use of
connections. Rather than 10 scripts each making a connection to the
service, only one script has to.

Good point.

A disadvantage would be speed, since NSE's biggest strength is being
able to parallelize itself.

True, though the separated scripts may have to each repeat the same
steps.  For example, I imagine that nfs-dirlist needs to repeat the
queries done by nfs-showmount, but it wouldn't need to if they were
combined.  And of course the separate scripts often each have to
authenticate when a combined script may only have to do that once.

Cheers,
-F