Nmap Development mailing list archives
Re: [RFC] Default NSE Scripts
From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 15 May 2008 00:34:36 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brandon Enright wrote:
So I have a question about shortport from the script: portrule = shortport.portnumber(53, "udp") Is shortport for UDP == "open" or is it == "open|filtered"? The docs don't say and I haven't dug into the code. If it is "open|filtered" we shouldn't include it by default. If it is "open" I think we should. I suppose that would most likely require -sV to have determined the port is open but that shouldn't be that big a deal. The script output is valuable enough that I'd like it to run by default if port 53 has already been flagged as open.
Good point! Looking at shortport.lua it seems that all of the functions default to a state of "open" OR "open|filtered" (regardless of the protocol), but a different state can be passed to any of them. But changing this would present a problem: what about users specifying the script explicitly (or by "intrusive" or whatever) and who want it also run against open|filtered ports as is typical due to the default behavior in shortport? There's no way that I know of to differentiate and say "run it by default only if it's open, but it can be used against open|filtered ports otherwise" Maybe Jah's been right all along in that it shouldn't be default :)
Brandon
Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSCvLav9K37xXYl36AQJnDA//X4N1fjkPJHMAoGdRecBpzbuksrYhDXgf stfbRzlpWHtdxD5Zrw8gEnY5jz/ARs7srcriBc0Nxl8mIjclpUhOUibj6U6mCA64 wLig6Bb32B0BAZMg4h4vU061zyGxa0F3GdK6StijhfgkD2+40zXqtLNpHQg576pj +ec11lcgPJhv/OOd3U4yXUZJQ6eSSsB414bG+hC0gU8z4YPzR8Y9wfOHH2Kmtu32 sjMjYfTlBEz1eKP9L0ap6X/j2GPA6n5cy56A1Ywa2nrKUi0h8y1UfKuS/bzFrVIp qJfQ+s/FHez15dffK6QBdDTOpc7/tbfXq7PW0Ud8cNVrv0UChtb8+zXcXaSOCJ3g HJbcrzjnwDRt2a2zSYftyGFFojSYOSeUeLmxOeMSUn7i+gz86dZduMipEcG7G8tt WXSl2r3H97hsoUWS4MLmN+yqruYvZdVDQLUQcGvZmxRURqtRIJBt2dolDYD/OjXd tAuwCAtA5j62b9JEZoam9lvz6YtnNcoJlCFkhN2Zp2tQWZ1/wWcJ/dpU/ZYVZcj0 V6TGfXtRoSwA917jhRU672jKRfUKQ3o+sKtEWsbAv9T5WRsXXR8mqXWJAObVhex8 Td/KPWnt7VnumtcXj7fYO0qjhfys7Nawf9n78xuWg+BoRjwaKAJua4FCjwO+gu2K qYBRjRJvd7w= =X6C6 -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [RFC] Default NSE Scripts, (continued)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Diman Todorov (May 11)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts jah (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts Brandon Enright (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
- Re: [RFC] Default NSE Scripts Fyodor (May 16)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
- Re: [RFC] Default NSE Scripts Fyodor (May 19)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
- Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 20)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 21)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 20)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 27)