Nmap Development mailing list archives
Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024)
From: Diman Todorov <diman.todorov () chello at>
Date: Tue, 5 Sep 2006 17:08:28 +0200
Adding more binary data support to NSE is on my TODO list.
- A references lua table for CVE, BID, YATID, OSVDBID might be good. Full bug descriptions, like in nasl files, are redundant information for most nmap hackers (;
I am not quite sure what you're talking about here :)
- Filename naming guidelines
There are already some guidelines in the man page. I should probably split the man page into more documents though. One of these should definitely be coding guide lines. Documentation is currently top priority on my TODO list.
- NSE is a very cool feature, I really like it <:
I am glad :)
- I am currently hacking fpdns.pl[2] to output its database and a NSE script using the database
I have already had someone suggest to write an NSE script to muck about in the nagios database. Perhaps this kind of scripts should be considered in more detail.
I must admit that I am not quite sure if this is wanted. On the one hand -sV supports Nameserver version detection, but on the other the fpdns detection is also very good. Unix tradition shows that many good tools do a good job. I also do not want that nmap `eats` the fpdns project or that NSE `eats` the nmap service detection. Any advise?
NSE won't 'eat' -sV simply because -sV runs a lot faster than NSE. You should use NSE only when the version detection features are not sufficient for the task at hand.
[1] http://groebert.org/felix/pub/nmap/nmap-4.20ALPHA4-NSE-bitops.patch http://groebert.org/felix/pub/nmap/dns-test-open-recursion.lua http://groebert.org/felix/pub/nmap/
I will have a look at this. cheers Diman _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Felix Groebert (Aug 18)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Kevin Johnson (Aug 18)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Diman Todorov (Sep 05)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Diman Todorov (Sep 09)