RE: NSE issue with shortport

["Thomas Buchanan" <TBuchanan () thecompassgrp net>]

> -----Original Message-----
> From: nmap-dev-bounces () insecure org 
> [mailto:nmap-dev-bounces () insecure org] On Behalf Of Matthew Boyle
> Sent: Thursday, November 15, 2007 2:51 PM
> To: nmap-dev () insecure org
> Subject: RE: NSE issue with shortport
>
>
> something like this?
>
> it automatically sets the port to have a new reason 
> ("script-set") when you modify its state.  mostly this is a 
> lot easier than finding the correct reason_code from the 
> user's (possibly ambiguous or incorrect) string, but also 
> because i think this is a more accurate representation of 
> what happened.  though i suppose we could guess that, say, a 
> UDP port is being set to "open" because we've received a 
> udp-response).

It works well in the brief testing I did.  Another scenario to consider
is when the service / version detection system changes the port state.
Not sure if something separate from "script-set" would be called for
there, or as you suggest, it should just use {protocol}-response as a
reason.
 
> it also adds an extra "reason" field to the port-table for 
> good measure.  this is a bit flakey: changing the port state 
> doesn't update it.  i'm not sure if this is likely to be a 
> problem, or just a potential source of minor confusion, but i 
> certainly can't see a sane way of doing it.
>
> --matt


Thanks for working this up.  It's nice from a completeness and accuracy
point of view.

Thomas

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org