Nmap Development mailing list archives
NSE Questions
From: Alan Jones <alan () ajsquared us>
Date: Sat, 19 Aug 2006 12:04:08 -0500
I have not actively followed the NSE development and related discussions, but as I started seeing the possibilities I was getting more excited. In looking at the Nmap-nse-man file and the mailing list I had questions I hope are not too basic. Don't be offended, as I am sure there may be others with the same question. If the questions are good, maybe there could be some additional documentation around those areas added or enhanced? The questions were kind of a brain dump, so sorry if things got long, but hopefully they are not too confusing.

I see one can run multiple scripts if they are under the directory /nse-scripts/; can I assume it will run scripts under the sub and sub-sub directories under the /nse-scripts/ directory?

I already see the NSE scripts growing quickly. Fyodor, will you or could you provide a separate download zip file of the NSE scripts on a more frequent basis than Nmap updates? Then while an Nmap update is still being worked out people could get the current set of all offered scripts. Of course doing this might mean the directory structure of scripts should be changed. Maybe /nse-scripts/default/ and /nse-scripts/custom/ so that when one unzips all currently offered scripts it would not overwrite anything in the /custom/ folder?

From my reading it sounds like one could do a standard Nmap scan plus all or a set of NSE scripts, is this correct? Something like:

    nmap -sC -v -v -v -A -sV --version-all -O -oX <some hopefully small IP range>

I did not see any mention of XML output. Can the script output along with other output be sent to an XML file? Are there or should there be standards around tag types and outputs for XML consistency?

Does the output include a list of what scripts were used in scanning? Nmap tells you what parameters are used when scanning, but just reporting that scripting was turned on does not tell you what scripts were used and what they scanned for. Example: does it report basically "we ran the following scripts 'Kibuv Test', 'MSWindows Shell', 'Skype v2', etc...", pulling from the script's ID line? If the system does not report what scripts one ran and the output and the script does not flag that something is happening like "Skype v2 server detected" as a response, then one would not know something was checked for. This is especially important for sharing with a team member on an internal scan/audit so others know what you checked for ... or did not check for.

I am confused around the --script-updatedb option. Can one specify --script-updatedb as part of the normal nmap script scan option just in case there were new/changed scripts, or do you have to update the DB then do a scan (2 steps)? Depending on timing I would think most people would like to just update the db every time they change things much.

Fyodor, not NSE related, but when it is time to start collecting fingerprints for the new OS Database will you post updates as a separate download and not just hold off till the next Nmap update? This could also help prevent people from sending you so many copies of the same fingerprint.

Thanks for all the information,
Alan

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org