Re: [Exp PATCH] Send proper UDPLite headers with -sO

[Fyodor <fyodor () insecure org>]

On Mon, Apr 23, 2007 at 11:41:46AM -0500, Kris Katterjohn wrote:
> Hey everyone,

Hi Kris and everyone!  I've been quiet lately because I've been at
CanSecWest, but I just got back and am going through my email.

> So, do you think this protocol is "important" enough to send valid
> headers with when doing -sO?

Thanks for the patch.  I think we should weight how much code we have
to add (more is worse) against how common the protocol is (more is
better).  I think UDPLite is pretty obscure, but on the other hand
your patch is very small.  So it seems reasonable to add if it can be
done cleanly, IMHO.

> Since UDP and UDPLite are so similar, I just added a boolean flag in
> build_udp_raw() to signify using UDPLite (it's false by default, so no
> need changing udp code using this function).

This is my main concern.  build_udp_raw is a very common and important
function.  So I hate to add parameters to it just for one obscure
case.  Can you easily build the udp packet normally, then just make
the necessary adjustment for UDPlite in the code?

I think we should only add it if either:

a) The protocol becomes popular; or
b) the support can be added with few lines of code and without adding
   special-purpose parameters to functions like build_udp_raw.

Cheers,
-F


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org